ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
July 17th, 2024 | 10:00am-11:55am SGT (UTC+8) | Online
Wireshark logo

Ethereal-users: Re: [Ethereal-users] ehtereal broke ssh

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Guy Harris <gharris@xxxxxxxxx>
Date: Sat, 9 Feb 2002 15:32:00 -0800
On Sat, Feb 09, 2002 at 07:22:58AM -0800, William Van wrote:
> I setup a solaris box with ssh and vnc.  I also setup
> a windows xp box 
> with ssh and vnc.  I was successful in setting up a
> ssh tunnel from the 
> win box to the sol box, and then connecting via vnc,
> no problem.  
> However, I then installed Ethereal on the win
> box...and that 's when my 
> trouble began.  I can connect via ssh, but the tunnel
> is not setup.  Also, 
> when I launch vnc on the win box, I get an error that
> local loop-back is disabled.  Any ideas?

Ethereal is extremely unlikely to have made any difference - it's just
an application.

However, if you also installed WinPcap, so that you can capture packets
with Ethereal, that might have made a difference (and would have made a
difference even if you *hadn't* installed Ethereal, but had installed
WinDump and/or Analyzer instead).

WinPcap's device driver connects to the Windows networking stack, and
may do so in ways that break other things that connect to the networking
stack.  See, for example:

	http://www.ethereal.com/faq.html#q4.9

"Q 4.9: I'm running Ethereal on Windows NT/2000; my machine has a PPP
(dial-up POTS, ISDN, etc.) interface, and it shows up in the "Interface"
item in the "Capture Preferences" dialog box.  Why can no packets be
sent on or received from that network while I'm trying to capture
traffic on that interface?

A: WinPcap doesn't support PPP WAN interfaces on Windows NT/2000; one
symptom that may be seen is that attempts to capture in promiscuous mode
on the interface cause the interface to be incapable of sending or
receiving packets.  You can disable promiscuous mode using the -p
command-line flag or the item in the "Capture Preferences" dialog box,
but this may mean that outgoing packets, or incoming packets, won't be
seen in the capture."

(The above is an example of *a* way in which the WinPcap driver
interferes with other networking software; it is not necessarily the
*only* way, so that doesn't mean that if those aren't the symptoms
you're seeing, it's not WinPcap's fault.)

For issues with WinPcap, you should check the WinPcap Web site:

	http://netgroup-serv.polito.it/winpcap/

and/or send mail to the WinPcap developers:

	winpcap@xxxxxxxxxxxxxxxxxxxxxxx

(your mail should note that you're using Windows XP and, presumably,
WinPcap 2.3 beta - if you're not using WinPcap 2.3 beta, you should
un-install WinPcap 2.2 and install 2.3 beta, as 2.2 doesn't support
Windows NT 5.1, i.e. Windows XP and Windows .NET Server).
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube