This is our old Q&A Site. Please post any new questions and answers at

Running Wireshark 1.6.1 on Win 7 x64.

I have a webserver running on my PC, and would like to capture packets from applications accessing the webserver, from the same PC. Attempting to capture packets on the usual port don't seem to work. Is this even possible? Thanks for any pointers.

asked 22 Aug '11, 07:16

cgtyoder's gravatar image

accept rate: 0%

I don't think it is, because the packets are not going out to the network and winpcap will not be able to pick them up. For that kind of scenario I usually put application and server on two different PCs to be able to see what is going back and forth - it's a pain to do that, but IMHO the easiest way to see what is really happening.

permanent link

answered 22 Aug '11, 07:41

Jasper's gravatar image

Jasper ♦♦
accept rate: 18%

Unfortunately on Windows intra-PC packets (loopback) don't surface at a level that WinPCap can capture them.

See THIS page on the Wireshark Wiki for more info about loopback capturing.

permanent link

answered 22 Aug '11, 07:55

grahamb's gravatar image

grahamb ♦
accept rate: 22%

grahamb, thanks for the pointer. RawCap looks like a great deal, but the traffic I am after is SSL-encrypted, and it would be way too much work to manually decrypt. I ended up re-creating the sending env on another computer, and quickly found the problem I was after. Thanks much for the pointers.

(22 Aug '11, 11:53) cgtyoder

Have a look at Fiddler as well, it's an HTTP(S) proxy that logs all traffic in plain text.

(22 Aug '11, 13:39) grahamb ♦
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 22 Aug '11, 07:16

question was seen: 10,172 times

last updated: 22 Aug '11, 13:39

p​o​w​e​r​e​d by O​S​Q​A