This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Wireshark install

0

Can I run wireshark without doing an install? We have some prod servers that we cannot install the program until the weekend and need to run it without an install?

Thank you, Dario

asked 02 Nov '11, 14:14

lastcall1969's gravatar image

lastcall1969
1111
accept rate: 0%

2 Answers:

0

You can download the sources and compile Wireshark yourself, then you can run it from the build directory without doing an install. Or, if your production servers are running Windows, then it might be easier for you to download and install either the U3 or portableapps versions on a compatible USB flash drive and run it from there instead.

If your production servers are running Windows and you want to capture live traffic as opposed to only reading existing capture files, then you will still have to install WinPcap though.

answered 02 Nov '11, 17:48

cmaynard's gravatar image

cmaynard ♦♦
9.4k1038142
accept rate: 20%

0

If the production servers have, for example, tcpdump or snoop installed on them (many UN*Xes may have tcpdump installed; Solaris machines might have snoop installed), you could use tcpdump with -s 0 -w or snoop with -o to capture the network traffic, and then copy it to a machine that has Wireshark installed on it and open the capture there.

answered 03 Nov '11, 18:30

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196
accept rate: 19%