----- Original Message ----- From: "Joerg Mayer" <[EMAIL PROTECTED]> To: "Community support list for Wireshark" <wireshark-users@wireshark.org> Sent: Monday, June 18, 2007 8:39 AM Subject: Re: [Wireshark-users] Windows leaking packets that Wiresharkdoesn't detect!
> On Sun, Jun 17, 2007 at 12:09:55PM +0800, Surg Junk wrote: >> A few days ago I noticed on the status page of my wireless connection >> that I >> was constantly sending packets, far more packets than I was receiving. >> Believing this to be suspicious I ran virus and spyware scans, disabled >> any >> unnecessary services, ended any process I knew I didn't require but still >> couldn't trace the cause of the leaky packets. >> >> I then used wireshark thinking this would definitely lead me to the >> source >> of the packets but having ran the scan a number of times, it doesn't >> produce >> any results. That's not to say wireshark isn't working. If I start up >> internet explorer or irc, wireshark immediately captures and displays the >> packets but if I just have wireshark capturing and nothing else running, >> I >> can see the sent packets going up on the wireless connection status page >> but >> nothing is captured. > > On windows, wireshark has problems capturing on wireless interfaces. > Maybe that is the problem. Please see > http://wiki.wireshark.org/CaptureSetup and then check the wireless > link on that page. > Well, if the user is able to capture packets sent by his browser, that might be something else. One of the things that could cause such issues is NDIS Intermediate drivers. WinPcap sits on top of them, so if you have some IM driver generating traffic on its own, WinPcap won't see it, but the statistics of your network card would probably increase. Just my two cents GV > ciao > Joerg > -- > Joerg Mayer <[EMAIL PROTECTED]> > We are stuck with technology when what we really want is just stuff that > works. Some say that should read Microsoft instead of technology. > _______________________________________________ > Wireshark-users mailing list > Wireshark-users@wireshark.org > http://www.wireshark.org/mailman/listinfo/wireshark-users _______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
