Thanks Stephen. Anyone has tested it before?
What is the min specs requirement PC to perform this?
1) Choice of OS e.g. Windows vs Linux
2) Choice of packet capture method: libcap, wincap, tcpdump and
etc
3) Processor Speed , RAM, HDD requirement, type Gigabit card
supported
4) HDD sizing for full capture for 2 weeks (24 hrs/day)
Thanks
-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Stephen
Fisher
Sent: Wednesday, December 19, 2007 12:18 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Gigabit Traffic
On Wed, Dec 19, 2007 at 12:05:13PM +0800, Halim Wijaya wrote:
> Is Wireshark able to capture Gigabit traffic at full speed without
> dropping any packets?
In theory it is possible if you have a fast enough computer. I've never
tried it myself, but here are some tips to get Wireshark to run faster:
http://wiki.wireshark.org/Performance
However, you're probably better off running dumpcap (a command-line
program that comes with Wireshark). Dumpcap's entire purpose is to
capture packets as fast as possible without interpreting them; in fact,
it's the back-end capture mechanism that Wireshark uses. Dumpcap lets
you save the traffic to a file and then you can read it in with
Wireshark later.
Steve
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
