I am currently facing a problem in
capturing TCP traffic via a modem 3G connected to the USB port of my Windows XP
machine. The reference clock time displayed on the column of the captured file
is not the same as the one of a regular capture file I performed on the
Ethernet clock of my PC. For my test bed purpose, I need to work on absolute
time and not relative one.
To confirm I shifted the PC clock time of 1
hour and the clock time displayed on the column of the captured file through
USB didn't change while the one captured on the Ethernet interface changed
accordingly. By the way I didn't figure out which clock is use by Wireshark in
case of 3g modem USB interface connection, is it USB clock, 3g modem clock?
Is there any way to set Wireshark capturing
parameter to force it to use PC clock time instead of USB one?
Best regards
Philippe Gilberton
Researcher