Solved

Running Dumpcap on a remote machine

Posted on 2016-08-02
Last Modified: 2016-08-14
Hello All,

I have been hearing things about the application dumpcap/tshark that comes as part of Wireshark, and I would like to be able to run this application on network PCs. The network performance is quite slow and there are multiple application issues that are quite hard to troubleshoot while the network is so slow.

Here's the scenario:
I have 100+ PCs on a local network, and on these workstations there are legacy applications as well as more mainstream applications running, even some that use VoIP for IP phone communication. I would like to be able to run dumpcap at certain times throughout the week.

Now my question is:
What is the process of installing dumpcap on a remote machine?
Question by:greeneel
Expert Comment

by:giltjr
ID: 41740527
Assuming a Windows machine, just RDP to it and then install it like you would if you were sitting at the machine.
Author Comment

by:greeneel
ID: 41743699
Hi giltjr,

Can dumpcap be installed as a standalone application without installing the whole of Wireshark? Or do I have to have Wireshark installed fully to get dumpcap to work?
Accepted Solution

by:
giltjr earned 500 total points
ID: 41744138
Not sure.  At a minimum you need WinPcap installed: https://www.winpcap.org/ and then the dumpcap executable.  You could experiment.

I found this post about using dumpcap only:

https://ask.wireshark.org/questions/31548/dumpcap-only-without-wireshark

However, it also basically said:

If all you want to do is capture, you could try WinDump, http://www.winpcap.org/windump/install/default.htm.  It is written by the same group that writes WinPcap.  I don't know how current it is, but it should work.  With it you install WinPcap and then just copy the executable and go.
0
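For the capture step discussed in this thread, an added example (not from the thread or from the Wireshark project) of a time-boxed, ring-buffered dumpcap run on one Windows PC with WinPcap installed. The install path, output folder, interface index and size limits are assumptions to adjust.

```powershell
# Added example: bounded dumpcap capture with a locked-down output folder.
# Assumed values (not from the thread): paths, interface index, limits.
param(
    [string]$Dumpcap   = 'C:\Program Files\Wireshark\dumpcap.exe',  # assumed path
    [string]$OutDir    = 'C:\Captures',                             # assumed folder
    [int]   $Interface = 1,        # index as listed by "dumpcap -D"
    [int]   $Seconds   = 900,      # stop after 15 minutes
    [int]   $FileKB    = 102400,   # rotate files at about 100 MB
    [int]   $Files     = 10,       # ring buffer keeps at most 10 files
    [int]   $SnapLen   = 128       # headers only; limits captured payload
)

if (-not (Test-Path -LiteralPath $Dumpcap)) {
    throw "dumpcap.exe not found at $Dumpcap"
}

# WinPcap installs the NPF kernel driver; dumpcap cannot open an
# interface unless that driver is running.
if (-not (sc.exe query npf | Select-String -Pattern 'RUNNING' -Quiet)) {
    throw 'WinPcap NPF driver is not running (check: sc.exe query npf).'
}

# Capture files hold other users' traffic, so restrict the folder to
# Administrators (S-1-5-32-544) and SYSTEM (S-1-5-18) before writing.
New-Item -ItemType Directory -Path $OutDir -Force -ErrorAction Stop | Out-Null
icacls.exe $OutDir /inheritance:r /grant:r `
    '*S-1-5-32-544:(OI)(CI)F' '*S-1-5-18:(OI)(CI)F' | Out-Null
if ($LASTEXITCODE -ne 0) { throw "icacls failed with code $LASTEXITCODE" }

# Host name and start time in the file name keep captures from
# 100+ machines distinguishable once they are collected.
$stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
$out   = Join-Path $OutDir "$env:COMPUTERNAME-$stamp.pcapng"

# -a duration bounds the run; -b filesize/files bounds disk usage.
& $Dumpcap -i $Interface -s $SnapLen `
    -a "duration:$Seconds" -b "filesize:$FileKB" -b "files:$Files" `
    -w $out -q
if ($LASTEXITCODE -ne 0) { throw "dumpcap exited with code $LASTEXITCODE" }

Get-ChildItem -LiteralPath $OutDir -Filter "$env:COMPUTERNAME-$stamp*" |
    Select-Object Name, Length
```

Run it from an elevated session, or from a Windows Task Scheduler task at the times of interest; `dumpcap -D` prints the interface indexes for each machine.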
