I'm trying to setup wireshark on a server in our environment. I have downloaded the most current version at this time 1.8.4 and installed the WinPcap that comes with it.
I have tried a few different settings to see if i can get different behavior, i have been unsuccessful.
I have set the following parameters and it will work for about 20 minutes and then wireshark crashes with C++ runtime issues.
Next File Every 15 minutes Ring buffer with 2 files
I have tried varying these values to see if any difference no luck. Wireshark seems to always crash after about 20 minutes. I'm looking to get this working for debugging we need on a server.
asked 07 Dec '12, 12:25
There are several of these report here and it's most certainly a problem with memory usage.
One user reported to have fixed the problem, by re-installing Wireshark.
Solution: Don't capture with Wireshark, use dumpcap instead.
After you have captured the data with dumpcap, you can analyze the files with Wireshark.
answered 07 Dec '12, 12:37
Kurt Knochner ♦