I just installed wireshark and have no capture, or display filters active. Wireshark is missing a lot of messages that do show up on Microsoft Network Monitor. e.g. Some that are missing are marked as DNS and others as TCP in the Microsoft application. I presume I've got something set up wrong, any suggestions how to get the complete capture in wireshark too would be much appreciated :) asked 03 Dec '11, 15:45  Covert Coven |
One Answer:
Hey thanks for wanting to help :) I worked it out myself just now, because I exported the files captured in each and then imported them in the other: D'oh... I didn't have the DNS protocol enabled on wireshark. It's the first time I used it so it's all new to me ;) answered 04 Dec '11, 02:03 Covert Coven |
What interfaces are you trying to capture on?