Ask Your Question
0

Wireshark not show inbound traffic on public IP server

asked 2021-07-18 20:39:53 +0000

Hi to all, I've a problem on a server online. the server is a windows platform, Public IP on the nic. Naked. no limitations. I've installed Wireshark portable and i'm trying to catch the inbound traffic. I don't receive nothing. I mean, if i ping the server from my home, and filter about icmp there's are no requests, the ping is naturally working and receive packets. Am i wrong something? I don't understand the issue. Can I eventually create a filter for catching only incoming traffic? is there a way? Thank you.

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2021-07-18 21:33:21 +0000

grahamb gravatar image

The "portable" version of Wireshark isn't the best choice for capturing traffic as it doesn't include the capture library used on Windows called npcap, instead you would have to install it manually yourself from the npcap website.

Assuming you haven't installed npcap you're probably not capturing on the Ethernet interface that the traffic you're looking for is passing through.

edit flag offensive delete link more

Comments

as it doesn't include the capture library used on Windows called npcap

And if it did include Npcap, in order to capture traffic, it would require a networking device driver that's part of Npcap. That driver runs in "kernel mode", which I think may require installing it on your machine, rather than loading it from the storage device containing Wireshark - which, as I understand it, is something that "portable" applications are not supposed to do.

Guy Harris gravatar imageGuy Harris ( 2021-07-19 03:46:30 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2021-07-18 20:39:53 +0000

Seen: 626 times

Last updated: Jul 18 '21