Windows rpcapd: Difference between revisions
Jump to navigation
Jump to search
| Line 3: | Line 3: | ||
# Instal windows wireshark including wincap driver | # Instal windows wireshark including wincap driver | ||
# Locate winpcap file (c:\Program Files (x86)\WinPcap) | # Locate winpcap file (c:\Program Files (x86)\WinPcap) | ||
# In winpcap folder we create config file for 'Remote Packet Capture' service (and set from which IP we will access this service) | # In winpcap folder we create config file for 'Remote Packet Capture' service (and set from which IP we will access this service)<br/> rpcapd.exe -s rpcapd.ini -l 192.168.88.243 | ||
press CTRL+C and check existence of file rpcapd.ini | |||
# edit rpcapd.ini using any text editor | # edit rpcapd.ini using any text editor | ||
notepad rpcapd.ini | notepad rpcapd.ini | ||
Revision as of 12:42, 15 October 2014
Steps for enable live sniffer as a service on Windows
(tested on 8.1 64b, IP 192.168.88.247)
- Instal windows wireshark including wincap driver
- Locate winpcap file (c:\Program Files (x86)\WinPcap)
- In winpcap folder we create config file for 'Remote Packet Capture' service (and set from which IP we will access this service)
rpcapd.exe -s rpcapd.ini -l 192.168.88.243
press CTRL+C and check existence of file rpcapd.ini
- edit rpcapd.ini using any text editor
notepad rpcapd.ini
- Start
PC settings->services->remote packet capture->start
- we can chec
Steps for enable live capture using rpcap from remote PC
(tested on linux Wheezy, IP 192.168.88.243)