Date: Thu, 3 Sep 2009 00:42:44 +0200
In which case you can use "dumpcap" with a ring buffer of files to capture data for a long period (only limited by the amount of diskspace). See also: http://www.lovemytool.com/blog/2008/07/ostu_dumpcap.html
Sent: Wednesday, September 02, 2009 9:05 PM
Is the server running gig and is the network volume high? I have found, if I start a capture with wireshark on a high volume gig network, wireshark can only process so much and it will hang. I would then have to put a capture filter on and write the files out to disk.

Sent: Wednesday, September 02, 2009 11:42 AM
I'm using Wireshark 1.2.1 and the WinpCap that came with that version. It seems to work fine for few minutes, able to capture packets, etc...but after some time, it just hangs. This is on Windows Server 2008 machine. Are there any known problems for this OS. Version 1.2.0 also had the same problem. I'm not able to run it for more than 15-20 mins. Any ideas?


