Greetings, in recent tshooting of a web application I have come across an issue where I do not see the SYN packet in the wireshark capture. In netstat I see the connection as Syn_Sent, however I don't see the packet in the wireshark capture. I do however see the capture in a netsh trace. Any idea why the packet isn't being captured with wireshark? Thanks in advance! asked 19 Dec '14, 10:57  Ziggy |
One Answer:
Please read the questions with the following tags: outgoing or outbound Usually the reason for this is some software on the capturing system (Enpoint Security, VPN, IPS, etc.) that prevents Wireshark from seeing outgoing/outbound packets. You'll find all the details in the other questions and answers. Regards answered 27 Dec '14, 08:38  Kurt Knochner ♦ |
I have had this on Windows 7 when the local firewall was dropping packets silently. Try looking there (would probably be the same on linux)
I actually first suspected windows firewall but I have turned it off in all network profiles with the same result. Thanks!