Hi,
There are some ideas floating around like that, but nothing has been implemented
as such.
Anyway you don't want to run Wireshark dissecting all traffic for extended
periods of time. The accumulated dissection data will eat all memory.
What you probably do want is to capture for extended periods of time. That can
be done with dumpcap, the command line capture engine utility. It can be
instructed to write a circular buffer, dropping old files for new ones,
otherwise it will eat all your disk space.
You can run that in a disconnected remote desktop session for a long time, and
pick up the files as you need. I've done so for months at end, works great.
Have a look at the Wireshark wiki, sections about capture setup.
Thanx,
Jaap
vive la faq wrote:
Hi everyone,
I need to make long term captures on a windows 2003 server without any
remote desktop opened.
The ideal, I think, is to have a wireshark that can be configured as
windows service.
Is it possible ? Is there another way to do that ?
Thanks in advance
Best regards