Difference between revisions of "Windows rpcapd"

Revision as of 13:45, 15 October 2014

(tested on 8.1 64b, IP 192.168.88.247)

Instal windows wireshark including wincap driver
Locate winpcap file (c:\Program Files (x86)\WinPcap)
In winpcap folder we create config file for 'Remote Packet Capture' service (and set from which IP we will access this service)

rpcapd.exe -s rpcapd.ini -l 192.168.88.243
press CTRL+C and check existence of file rpcapd.ini

edit rpcapd.ini using any text editor and change value of option NullAuthPermit to YES

notepad rpcapd.ini

PC settings->services->remote packet capture->start

(tested on linux Wheezy, IP 192.168.88.243)

@@ Line 1: / Line 1: @@
 == Steps for enable live sniffer as a service on Windows ==
 '' (tested on 8.1 64b, IP 192.168.88.247) ''
-# Instal windows wireshark including wincap driver
+* Instal windows wireshark including wincap driver
-# Locate winpcap file (c:\Program Files (x86)\WinPcap)
+* Locate winpcap file (c:\Program Files (x86)\WinPcap)
-# In winpcap folder we create config file for 'Remote Packet Capture' service (and set from which IP we will access this service)<br/> rpcapd.exe -s rpcapd.ini -l 192.168.88.243
+* In winpcap folder we create config file for 'Remote Packet Capture' service (and set from which IP we will access this service)
+ rpcapd.exe -s rpcapd.ini -l 192.168.88.243
   press CTRL+C and check existence of file rpcapd.ini
-# edit rpcapd.ini using any text editor
+* edit rpcapd.ini using any text editor and change value of option <b>NullAuthPermit</b> to <b>YES</b>
   notepad rpcapd.ini
-# Start
+* Start
   PC settings->services->remote packet capture->start
-# we can chec
+* we can chec
 == Steps for enable live capture using rpcap from remote PC ==
 '' (tested on linux Wheezy, IP 192.168.88.243) ''