I've now tested 5 different version of WireShark on my Windows 2008 R2 Servers. The only version that I found to not eat up memory at an alarming rate is the 64 Bit of 1.6.5. I've tried 1.6.14, 1.8.2, 1.8.6 and they all are eating up memory at a crazy rate even when the packet rate is not that high. Eventually Wireshark will crash which is a know bug because it is running out of memory. My issue is the rate at which the newer version are eating up memory over version 1.6.5. Can anyone explain what has changed since 1.6.5 that would account for this or is this a bug?
asked 26 Mar '13, 12:39
Are you connecting with remote desktop to the Windows 2008 R2 server? You are likely hitting a memory leak in GTK2, the multi platform GUI toolkit used by Wireshark. See bug 8281 for details.
answered 26 Mar '13, 13:07