I have a local network that I am trying to capture traffic on. Every time I start Wireshark and point it at that network, all the devices loose connection to each other. As soon as I stop Wireshark the problem goes away. asked 01 Mar '17, 12:08  pabeader showing 5 of 8 show 3 more comments |
One Answer:
Where are you writing the captured WireShark files to? If you're saving the capture on the local machine where WireShark is located you shouldn't experience this problem. But if you're attempting to write the packets to a shared server drive remotely, that will cause a massive influx of traffic which might overload your network. Cheers, answered 20 Mar '17, 23:52  wbenton |
What type of network? Ethernet? Wi-Fi? Other?
Wired Ethernet. 192.168. network with 8 different devices all talking to each other. The effect is almost immediate.
So does that network use a switch or a non-switching hub? Are you running Wireshark on one of those 8 devices, or on a separate device you've plugged into the network?
There are multiple switches all ganged together. I am plugging into an available port on one of them. Wireshark on my laptop.
Does this happen only when Wireshark is capturing in promiscuous mode, or does it even happen when you try capturing with promiscuous mode turned off?
What operating system is your laptop running?
Promiscuous on or off.
It has stopped killing the network. Now I can't see the traffic I used to. I'm trying to capture tcp traffic for port:2001 Now I don't see any of this traffic at all. It seems that every time I start Wireshark it seems to act differently. Is there a different program that is simpler?
Is there a different program
A number of other packet capture programs/tools exist. You can peruse the Tools page for some possibilities, or just perform an online search and I'm sure you'll discover some.
Go ahead and close this thread. I gave up and quit trying to figure out the issue.