Ethereal-users: Re: [Ethereal-users] HTTP Packets on a Virtual Machine
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: Joe Elliott <joe@xxxxxxxxx>
Date: Wed, 7 Dec 2005 07:45:18 -0800 (PST)
Hello Dujean,
It completely depends on the VM version and its implementation. Its
nothing to do with Ethereal. Its dependant on how/if the vendor wrote code to
support Promiscuous mode.
I have used VMWare Workstation versions 2,3,4 and 5. Promiscuous mode works
on version 4 and 5 but not before then.
Create a 2nd virtual interface and snoop on that. Not the primary interface.
That may make a difference on some versions.
I used Linux virtual machines running on XP in all cases. I have not tried
windows VM's on Windows or VM's runnning on Linux.
Hope this helps ... Joe.
--
__o _~o __o
"Know your Network" `\<, `\<, `\<,
______________________________________(*)/_(*)__(*)/_(*)__(*)/_(*)________
Im a 21st Century Digital Boy ... I aint got a life, but I got lotsa toys.
*************** Joe Elliott joe@xxxxxxxxx AOL:xqos ********************
- NetContExt - sniffer trace forensics - tcp follow stream analysis -
- Extract data files and Images from tcpdump & ethereal packet payloads -
- Inetd.Com Network analysis solutions http://www.inetd.com -
- PGP Key: http://joe.inetd.com/joe.pgp -
--------------------------------------------------------------------------
On Wed, 7 Dec 2005, Dujean Keegan wrote:
> Date: Wed, 7 Dec 2005 11:05:52 -0000
> From: Dujean Keegan <dkeegan@xxxxxxxxxx>
> Reply-To: Ethereal user support <ethereal-users@xxxxxxxxxxxx>
> To: ethereal-users@xxxxxxxxxxxx
> Subject: [Ethereal-users] HTTP Packets on a Virtual Machine
>
> Morning
>
>
>
> I have installed the Ethereal utility on a Virtual machine on a ESX ver
> 2.5.1 Server and am trying to capture the HTTP packets.
>
>
>
> I have also set up the port mirroring on my switch for this Virtual
> Machine. Unfortunately, Ethereal only seems to capture the HTTP traffic
> for the Virtual Machine that it is installed on.
>
>
>
> I did the same thing on another server that is not a ESX Virtual Machine
> and am able to capture the HTTP traffic.
>
>
>
> Is there a configuration change that needs to be made for the virtual
> machine, or is Ethereal not supported on a Virtual machine?
>
>
>
> Many thanks
>
> Dujean Keegan
>
>
>
>
>
>
>
> ----------------------------------------------------------------------------------------------------------------------
> ATL Confidentiality Note
>
> If you are the recipient of this communication please be aware that this communication contains information that is confidential and may also be legally privileged. It is for the exclusive use of the intended recipient(s). If you are the intended recipient(s) please note that any distribution, copying or use of this communication or the information in it is strictly prohibited. Any views or opinions presented are solely those of the author. If this message is received by anyone other than the addressee, please return the message to the sender by replying to it and then delete the message from your computer.
>
> Scanning of this message and addition of this footer is performed
> by SurfControl E-mail Filter software in conjunction with
> virus detection software.
>
- References:
- [Ethereal-users] HTTP Packets on a Virtual Machine
- From: Dujean Keegan
- [Ethereal-users] HTTP Packets on a Virtual Machine
- Prev by Date: [Ethereal-users] GetPrinterData
- Next by Date: [Ethereal-users] Using Text2pcap
- Previous by thread: [Ethereal-users] HTTP Packets on a Virtual Machine
- Next by thread: [Ethereal-users] GetPrinterData
- Index(es):