If you received this message in error, please notify the sender and delete this message entirely from your system. If you are not an intended recipient, then any use, copying or distribution of this message or its attachments is strictly prohibited. Notice: This e-mail message and its attachments are the property of The Wendy's Company or one of its subsidiaries and may contain confidential or legally privileged information intended solely for the use of the addressee(s). This is definitely a difference between windows and linux and how they capture but I can't fathom how there can be such a difference. I then used windump and captured two separate files (one from each interface) and merged them. I used an Ubuntu Live CD in the laptop that normally runs Windows and captured via tcpdump (using built in interface and USB->ethernet dongle) and came up with a clean capture that way as well. If I run a tcpdump (or dumpcap) capture on the Linux box then copy the file to the Windows machine, it does not have the errors showing. Why would Wireshark on windows be showing that the network has errors (thousands of them per minute) but on Linux it is clean? I have never seen this situation before and don't know where to turn next - I can't trust any captures done on my Windows 7 laptop now and can't take my Linux desktop PC with me on the road!
I then bought a USB -> wired ethernet dongle for my laptop and ran wireshark on both interfaces (still on the tap) and the errors show again. My windows laptop only has one wired ethernet interface so I put a Ubuntu Linux box with two wired interfaces and when I captured with it the errors magically 'disappeared'. Wondering if I had an interface issue, I put a netoptics tap on the back office PC connection. My initial look was with the back office PC on a hub with a laptop running Win 7 Pro and wireshark. When I first looked at the network I was amazed at the volume of errors (dup ack, retrans, tcp out of order).
I have been troubleshooting a network that contains several Windows Embedded Std 7 POS systems and a back office PC that runs Win 7 Pro. Wireshark 1.10.2 (64 bit) on Windows 7, Wireshark 1.10 on Ubuntu 13.04 (compiled from source), WinPcap 4.1.3 I posted this question on wireshark site but the more I think about it (since results are the same with wireshark and windump) the more I think it is winpcap related. Next message: capture differences between Linux system and Windows with winpcap.Previous message: Problem with WinPcap 4.1.3 and Intel WIreless.
capture differences between Linux system and Windows with winpcap Newlon, Phil Phil.Newlon at Capture differences between Linux system and Windows with winpcap
0 kommentar(er)
