Ask Your Question
0

Wireshark Not Responding

asked 2018-01-17 10:53:19 +0000

Mozz gravatar image

updated 2018-01-17 14:31:09 +0000

cmaynard gravatar image

When I start Wireshark, it loads and tries to find the interfaces. It doesn't find the network interface and then stops responding

edit retag flag offensive close merge delete

Comments

Wireshark version, and OS you're running on?

grahamb gravatar imagegrahamb ( 2018-01-17 11:23:40 +0000 )edit

OS is Windows 10 and the Wireshark version is 2.4.4

Mozz gravatar imageMozz ( 2018-01-17 11:27:38 +0000 )edit

1 Answer

Sort by ยป oldest newest most voted
0

answered 2018-01-17 12:16:41 +0000

Mozz gravatar image

I have it working now. I uninstalled Wireshark and WinPCAP and reran the installation as the administrator and then started Wireshark as the administrator and hay presto. Thanks

edit flag offensive delete link more

Comments

Note that you really, really, really shouldn't run Wireshark with elevated privileges. Doing so allows full access to your machine from the hundreds of thousands of lines of code in Wireshark, driven by whatever packets are captured or read from possibly unsafe files.

Having to run Wireshark as Administrator is an indicator that something is broken in your installation.

grahamb gravatar imagegrahamb ( 2018-01-17 12:44:58 +0000 )edit

Not enough "really"s here: really really really!

Jasper gravatar imageJasper ( 2018-01-17 13:59:50 +0000 )edit

If you are not scared enough, read this waking up presentation. The essence is that dissectors are rarely written with security in mind, so they do not check packet data validity thoroughly enough. So if you feed one with some data it is not prepared to handle, you can trick it into executing a code inside these data, or merely dissect the contents of some packets differently from what they really contain. While you cannot prevent the attacker from hiding some packet contents from you by not running Wireshark as administrator, you can prevent him from installing malware on your system.

sindy gravatar imagesindy ( 2018-01-17 16:36:16 +0000 )edit

Got it. Dropped back to normal user mode when I got the firts warning, and I'm monitoring a local network, but thanks for you feedback.

Mozz gravatar imageMozz ( 2018-01-17 16:47:30 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2018-01-17 10:53:19 +0000

Seen: 308 times

Last updated: Jan 17