Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Usually that kind of behavior is seen in malicious programs, or when computer games or other legit software tries to prevent reverse engineering of the game communication patterns.

The easiest way to still get the packets would be to capture not on the computer running the software itself, but on the network, e.g. via SPAN port or TAP. That way the program cannot notice that the communication is captured. See also https://wiki.wireshark.org/CaptureSetup/Ethernet