Wireshark not capturing data I want

Posted on 2013-08-27
Medium Priority
Last Modified: 2013-09-01
I have built a new wireshark box. I wanted more processing power so I built it on an HP dl380 G6 with dual xeon and ..........
Any way, the laptop i was using is weak but worked, to test my new wireshark box, i set it to capture what i was using the laptop to capture. I am not seeing the traffic, i unplug the new box, and plug the laptop back into the same port and I see the traffic. I have looked through all the settings I can find and they are the same, yet one box will see the traffic i want and the other will not. The new box is capturing traffic, but when i filter it to what I want, it says there is none.

Question by:whroadmin
  • 3
  • 3

Expert Comment

by:David Gagné
ID: 39442013
I had a similar issue and it was related to the NIC on my laptop. I banged my head up against a wall for a couple of hours, I was not able to see but very limited traffic from a layer 2 switch and after changing the laptop, I was able to see all my traffic.

Author Comment

ID: 39442031
Not what I wanted to hear, this is an HP server, with broadcom netextreme nics, and the latest drivers are loaded.

Expert Comment

by:David Gagné
ID: 39442152
I actually had to go back to an older laptop.  I forget the model but it was fairly new at the time (Dell) running windows 7 and it would not gather data properly through wireshark.  I went back to an old laptop also a Dell and it worked fine.  Hopefully you do not have the same issue.
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.


Expert Comment

by:David Gagné
ID: 39442194
This might help:

Try to disable "TCP Connection Offload" in the driver of the NetXtreme NIC

Perhaps read here as well:

Accepted Solution

whroadmin earned 0 total points
ID: 39442345
Problem solved, turns out Symantec Network threat protection was blocking a lot of traffic. Turned that feature off and all is right in the world

Author Closing Comment

ID: 39456044
Found issue on my own, thanks for the tips

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
Introduction Many times we come across a slowness or instability between two hosts, and almost always we blame the poor networking guys, just because they're an easy target.  Sometimes we forget that other factors including disk bottlenecks, CPU …
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question