Wireshark Remote Capture Issues
Hi guys - I'm attempting to setup remote capturing. I have opened up TCP port 2002 on the Windows 10 firewall - which allows me to add remote interfaces.
However, when I attempt to capture, it times out and states 'is the server configured correctly..'
I can see from netstat -an that the machine is indeed listening on port 2002 - If I disable the Windows Firewall on the target machine everything works. Are there any additional ports that require opening for packet capture to take place?
Windows Firewall log shows
2018-09-18 20:40:56 DROP TCP 192.168.50.100 192.168.50.186 60281 65213 52 S 3176331892 0 8192 - - - RECEIVE
Also - I have noticed that when adding a remote interface, I see multiple entries for the same machine in the Remote Interfaces window - All entries are identical with the same list of interfaces. Wireshark version is 2.6.3 and Winpcap is on the latest release.
Many thanks
Any ideas guys/gals?