Ethereal-users: Re: [Ethereal-users] Capture interfaces (loopback?)

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: "Martin Regner" <martin.regner@xxxxxxxxx>
Date: Wed, 12 May 2004 20:29:37 +0200
Guy Harris wrote:
> On Tue, May 11, 2004 at 04:23:35PM +0200, Sttf wrote:
> > Any. Network associates sniffer, Etherpeek NX, etc. all sniffers that
i've
> > tried until now had this essential functionality.
>
> Perhaps the developers at Network Associates, Wildpackets, etc.  have
> figured out a way to get looped-back packets from NDIS drivers - or get
> them using some mechanism other than the NDIS mechanisms - but the
> WinPcap developers haven't.  It might be that the way to get those
> packets isn't documented by Microsoft.

I searched with Google quite much about a year ago about this, but I
couldn't find anything indicating that it
was possible to capture loopback packets on Windows. The information was
rather indicating that
it was not possible with normal sniffers/protocol analyzers.

But when I searched today I found that CommView version 4.1 supports that.
"Capture loopback traffic (a new, unique feature in version 4.1). "

I downloaded a trial version and was asked if I wanted to install a
"loopback adapter".
After doing that and rebooting I could capture packets on "Loopback"
interface with CommView.
It seems to work - however the Evalution version doesn't display the
complete packets.
http://www.tamos.com/products/commview/

I also discovered that Ports Traffic Analyzer also seems to support
capturing loopback
http://www.hsc.fr/ressources/articles/win_net_srv/index.html.fr
http://www.atelierweb.com/pta/index.htm
I haven't tried that software yet.

I couldn't find anything indicating that Etherpeek supports capturing
loopback, except that "Loopback" is listed under supported
protocols (which may mean something else).
I tried with the Etherpeek NX Demo version, but couldn't see any loopback
interface or any information
about loopback in the help texts.
Do you have any more information about this?

I also tried to look about NAI Sniffer/Sniffer Pro - but couldn't find any
information about that either (but I got so
many hits that was not relevant so it was difficult to find any useful
information. Searching on NAI homepage didn't
give any clues at all).

I have not noticed any possibilities to capture loopback with the
Sniffer/Sniffer Pro versions I have used.
If you have any more details about this it would be really good.