Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-users: Re: [Wireshark-users] Windows 2003 Server

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bart sikkes <b.sikkes@xxxxxxxxx>
Date: Tue, 4 Dec 2012 17:36:36 +0100
not sure if it is the exact reason, but you might have run into this:

http://wiki.wireshark.org/KnownBugs/OutOfMemory

as mentioned in the article and the other email also, capturing for
longer time / data shouldn't be done with the gui.

greetings,
bart

On Mon, Dec 3, 2012 at 10:58 PM,  <Tim.Poth@xxxxxxxxxxx> wrote:
> Not sure what’s up but if you’re just capturing traffic to look at later
> maybe you would be better trying tshark or dumpcap
>
>
>
> Run dumpcap –D to get your interface list
>
> EG
>
> C:\Program Files\Wireshark>dumpcap -D
>
> 1. \Device\NPF_{8CF5911A-754C-4F6D-98B9-E1234E231E00} (Intel(R) 82578DM
> Gigabit Network Connection)
>
> 2. \Device\NPF_{F458FCE1-7DB4-419F-A28B-93679D91D30F} (Microsoft
> Corporation)
>
> 3. \Device\NPF_{978FA0EA-B2E3-4E59-AF48-3674AA75DF55} (Microsoft)
>
> 4. \Device\NPF_{02060821-E84A-4AC8-A15C-5B942C5C3975} (Microsoft
> Corporation)
>
> 5. \Device\NPF_{42084919-7FD3-4D55-8989-D5BAB9BB5615} (Microsoft)
>
>
> One you select your interface the number will go after –i in the following
> command. This example uses interface #1 on my system (note outlook mail
> client sometimes messes up the dashs so you may not be able to copy and
> paste, you have to retype)
>
> EG
>
> dumpcap -i 1 -b filesize:30000 -b files:20 -w c:\temp\packetcapture.pcap
>
>
>
> Please ensure the output directory exists first! When your ready to stop hit
> control+c (or kill the command prompt but sometimes this will ‘trash’ the
> last packet in the capture and wireshark will complain when you open the
> file)
>
>
>
> Hope that helps
>
> tim
>
>
>
> From: wireshark-users-bounces@xxxxxxxxxxxxx
> [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Jim Hurley
> Sent: Monday, December 3, 2012 3:23 PM
> To: wireshark-users@xxxxxxxxxxxxx
> Subject: [Wireshark-users] Windows 2003 Server
>
>
>
> Hello,
>
> I installed the latest version of Wireshark onto a server running Windows
> 2003 Server. The installation went fine, and Win PCap 4.2 installed fine as
> well.
>
> I launched Wireshark and started capturing traffic, no filters, just a ring
> buffer with 20 files each of 30 megabytes. After a period of time (1 hour
> maybe 2) I get an error from the OS saying that Visual C++ has asked to
> terminate in an unusual way.
>
> Does anyone know what could be causing this???
>
> Jim
>
>
> ___________________________________________________________________________
> Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>
> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube