I am using the stable build - Wireshark 1.6.2 on Windows 7 32 Bit and Windows 2008 32 Bit Operating Systems. To analyse the captured network data and the service elements I am using Merge DPM. Network data is captured on Windows 7 (i.e. Wireshark running on Windows 7) and saved in .cap format NA Sniffer 2.00x so that Merge DPM can read the file. But when the file captured on Windows 7 is opened in MergeDPM it does not show any service elements, whereas captures taken on other OSes like Windows Vista 32/64, Windows 2003 Server 32/64, etc. do show the service elements in MergeDPM. What is the possible problem? Any suggestions? Can anybody help by giving the answer as soon as possible? Thanks!

asked 09 Dec '12, 20:01 yogini
Did you limit the capture size?
What happens if you use Microsoft Network Monitor to capture the traffic on the Windows 7/Windows Server 2008 machines, open it in Wireshark, try to save it in Sniffer format, and, if that succeeds, read it in MergeDPM?
Is Wireshark capturing other packets on those machines, or is it not capturing any packets?