Wireshark-users: [Wireshark-users] capturing packets in "stealth" mode on Windows

From: David Durgee <dhdurgee@xxxxxxxxx>
Date: Sat, 3 Feb 2007 06:25:39 -0800 (PST)

I need to capture packets between a cable modem and a
router for diagnostic purposes.  I have inserted a hub
between them, so I can attach the Win2K system to it,
but I need to avoid having the capturing system
inserting packets of its own as it might either mask
the problem I am trying to diagnose or create new
problems.

I have downloaded and installed Wireshark 0.99.4 on a
Windows 2000 system.  I am able to capture packets on
my ethernet interface with the interface enabled and
in full operation, but if I disable the interface as I
expect I will need to in order to operate "stealthy"
the interface is not available to select for capture
in Wireshark.

How do I need to configure things to be able to do
what I need?  Can I define another ethernet interface
using the same NIC that has no protocols enabled on it
and then swap which one is enabled?  Do I need to
disable all protocols on the existing interface for
the capture and then manually re-enable them when I
want to reconnect to the network?

Any help appreciated.

Dave




 
____________________________________________________________________________________
Cheap talk?
Check out Yahoo! Messenger's low PC-to-Phone call rates.
http://voice.yahoo.com