Wireshark capturing packets...

Discussion in 'Networking' started by KevzJD, Dec 18, 2011.

Thread Status:
Not open for further replies.
  1. KevzJD

    KevzJD Thread Starter

    Joined:
    Oct 19, 2010
    Messages:
    135
    Hi,

    I've just downloaded Wireshark just to mess around and I've noticed that even when I've got nothing open it's still capturing packets. It gives me a choice of interfaces to monitor, and I would have thought it would be "Realtek PCIe Family Controller" as this is normally the default one (I'm using wireless), but it's saying no packets are being captured from this interface; it's the "Microsoft" interface that's capturing the packets. I've attached a screenshot. I know this isn't anything bad but was just wondering 1) why isn't my Realtek PCIe interface capturing anything (even when I have YouTube open it doesn't capture anything) and 2) why is Microsoft capturing packets? What is this Microsoft interface and why is it capturing packets when nothing is open?

    Thanks in advance
     


  2. TerryNet

    TerryNet Moderator

    Joined:
    Mar 23, 2005
    Messages:
    79,918
    First Name:
    Terry
    Are you sure you have an ethernet cable connected and actually have a connection there? Usually when somebody is "using wireless" the ethernet is not even connected.

    What's the name of your wireless adapter? So that we have a better idea of what you are doing how about showing (if you are running Windows) ...

    Start, Run, CMD, OK to open a command prompt:
    (For Vista or 7 type CMD in the Search box after Start)

    Type the following command:

    IPCONFIG /ALL

    [Note that there is no space between the slash and ALL.]

    Right click in the command window and choose Select All, then hit Enter.
    Paste the results in a message here.

    If necessary use a text file and removable media to copy the results to a computer with internet access.
     
  3. KevzJD

    KevzJD Thread Starter

    Joined:
    Oct 19, 2010
    Messages:
    135
    Hi Terry,

    No, I'm definitely using wireless and there's no Ethernet cable plugged in. My wireless card is just called "802.11n Wireless LAN Card". However, it doesn't list this interface as an option to capture packets with.

    I've been advised by someone that the packets it's capturing (when I have no applications running) are broadcasts and multicasts making sure nothing's changed on the network.

    Here's my ipconfig test also as requested (ignore the VMware, I don't use this)

    C:\Users\paul>ipconfig /all

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : paul-PC
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No

    Wireless LAN adapter Wireless Network Connection:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : 802.11n Wireless LAN Card
    Physical Address. . . . . . . . . : 70-F1-A1-95-05-E3
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::794c:99ff:52d:4655%12(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.0.105(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : 19 December 2011 16:28:49
    Lease Expires . . . . . . . . . . : 26 December 2011 16:28:49
    Default Gateway . . . . . . . . . : 192.168.0.1
    DHCP Server . . . . . . . . . . . : 192.168.0.1
    DHCPv6 IAID . . . . . . . . . . . : 208728481
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-96-20-39-44-87-FC-AA-1B-41

    DNS Servers . . . . . . . . . . . : 192.168.0.1
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Ethernet adapter Local Area Connection:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
    Physical Address. . . . . . . . . : 44-87-FC-AA-1B-41
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Ethernet adapter VirtualBox Host-Only Network:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
    Physical Address. . . . . . . . . : 08-00-27-00-94-E6
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::4d3b:4ca4:5a31:3f71%18(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . :
    DHCPv6 IAID . . . . . . . . . . . : 503840807
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-96-20-39-44-87-FC-AA-1B-41

    DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
    fec0:0:0:ffff::2%1
    fec0:0:0:ffff::3%1
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Ethernet adapter VMware Network Adapter VMnet1:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet
    1
    Physical Address. . . . . . . . . : 00-50-56-C0-00-01
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::696d:72c2:195e:c1f8%19(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.64.1(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . :
    DHCPv6 IAID . . . . . . . . . . . : 570445910
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-96-20-39-44-87-FC-AA-1B-41

    DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
    fec0:0:0:ffff::2%1
    fec0:0:0:ffff::3%1
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Ethernet adapter VMware Network Adapter VMnet8:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet
    8
    Physical Address. . . . . . . . . : 00-50-56-C0-00-08
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::24a7:7a6b:9835:5139%20(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.226.1(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . :
    DHCPv6 IAID . . . . . . . . . . . : 587223126
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-96-20-39-44-87-FC-AA-1B-41

    DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
    fec0:0:0:ffff::2%1
    fec0:0:0:ffff::3%1
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter isatap.{6B34D75D-259D-4504-A4C6-867D15154AA0}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.{33D1ED1C-8871-4C79-91D6-BAAC3B69C5AE}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.{74935293-A7C7-4CB8-B651-25AEA4453054}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Teredo Tunneling Pseudo-Interface:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.{524D80CB-A3CE-4424-85A4-2FD39BCC1C69}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    C:\Users\paul>
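
Added example, not part of the original thread: a small Python parser for `ipconfig /all` output that lists the adapters worth capturing on (media connected, IPv4 address and default gateway set). The sample is trimmed from the output posted above; the function names are illustrative, and the parser assumes the console's usual indentation of field lines.

```python
import re

# Trimmed from the ipconfig /all output posted in the thread (three adapters).
SAMPLE = """\
Wireless LAN adapter Wireless Network Connection:
   Description . . . . . . . . . . . : 802.11n Wireless LAN Card
   IPv4 Address. . . . . . . . . . . : 192.168.0.105(Preferred)
   Default Gateway . . . . . . . . . : 192.168.0.1

Ethernet adapter Local Area Connection:
   Media State . . . . . . . . . . . : Media disconnected
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller

Ethernet adapter VirtualBox Host-Only Network:
   Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
   IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred)
   Default Gateway . . . . . . . . . :
"""

HEADER = re.compile(r"^(\S.*adapter .+):\s*$")          # unindented section title
FIELD = re.compile(r"^\s+(.+?)(?: ?\.)+ ?: ?(.*)$")     # "Key . . . . : value"

def parse_adapters(text):
    """Split ipconfig /all output into one dict of fields per adapter."""
    adapters, current = [], None
    for line in text.splitlines():
        header = HEADER.match(line)
        if header:
            current = {"name": header.group(1)}
            adapters.append(current)
            continue
        field = FIELD.match(line)
        if field and current is not None:
            # Keep the first value seen for a key; wrapped lines are ignored.
            current.setdefault(field.group(1), field.group(2).strip())
    return adapters

def capture_candidates(text):
    """Return (description, IPv4) for adapters that are up and routed."""
    out = []
    for adapter in parse_adapters(text):
        if adapter.get("Media State") == "Media disconnected":
            continue  # no link, so a capture on it stays empty
        ip = adapter.get("IPv4 Address", "").split("(")[0]
        if ip and adapter.get("Default Gateway"):
            out.append((adapter["Description"], ip))
    return out
```

On the posted output only the 802.11n wireless card qualifies: the Realtek adapter reports "Media disconnected" and the virtual adapters have no default gateway.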
     
  4. TerryNet

    TerryNet Moderator

    Joined:
    Mar 23, 2005
    Messages:
    79,918
    First Name:
    Terry
    Never used Wireshark, so I do not know why the wireless interface is called "Microsoft" instead of "802.11n Wireless LAN Card."

    In addition to the broadcasts and multicasts you have to be pretty diligent to get to a state of "nothing open." It's difficult to get Windows update, anti-malware applications, IMs, email clients, browsers, Adobe reader, Java, Flash and all the other programs that like to check for updates or for incoming messages all shut off. For example, that first line in your first screen shot shows that something is communicating with a Google server.
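
Added example, not part of the original thread: a Python sketch that sorts the packets of an "idle" capture into broadcast, multicast, local and external traffic, so that background programs talking to outside servers stand out from ordinary network chatter. The host address comes from the ipconfig output in the thread; the packet list is constructed, and the function names are illustrative.

```python
import ipaddress
from collections import Counter

# Host address and mask taken from the ipconfig output posted in the thread.
HOST = ipaddress.ip_interface("192.168.0.105/24")

# Constructed sample: (source, destination) pairs such as an idle capture shows.
SAMPLE = [
    ("192.168.0.1", "255.255.255.255"),        # limited broadcast
    ("192.168.0.105", "192.168.0.255"),        # subnet broadcast
    ("192.168.0.105", "224.0.0.252"),          # IPv4 multicast
    ("192.168.0.105", "239.255.255.250"),      # IPv4 multicast
    ("fe80::794c:99ff:52d:4655", "ff02::1:3"), # IPv6 multicast
    ("192.168.0.105", "192.168.0.1"),          # unicast to the gateway
    ("192.168.0.105", "203.0.113.10"),         # outbound to an external server
    ("203.0.113.10", "192.168.0.105"),         # the reply from that server
]

def classify(address, host=HOST):
    """Label an address relative to the capturing host's subnet."""
    addr = ipaddress.ip_address(address)
    if addr.is_multicast:
        return "multicast"
    if addr.version == 4 and (
        addr == ipaddress.IPv4Address("255.255.255.255")
        or addr == host.network.broadcast_address
    ):
        return "broadcast"
    if addr.is_link_local or (addr.version == 4 and addr in host.network):
        return "local-unicast"
    return "external-unicast"

def summarize(pairs, host=HOST):
    """Count packets per class and collect the external peers involved."""
    counts, external_peers = Counter(), set()
    for src, dst in pairs:
        # Judge each packet by its far end: the destination for traffic the
        # host sent, the source for unicast traffic addressed to the host.
        peer = src if ipaddress.ip_address(dst) == host.ip else dst
        label = classify(peer, host)
        counts[label] += 1
        if label == "external-unicast":
            external_peers.add(peer)
    return counts, external_peers
```

The external peers are the ones worth tracing back to a program on the machine; the broadcast and multicast entries are the network's own housekeeping.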
     
  5. KevzJD

    KevzJD Thread Starter

    Joined:
    Oct 19, 2010
    Messages:
    135
    That's great! Thanks for the information :) The thread can be closed I guess!
     
  6. TerryNet

    TerryNet Moderator

    Joined:
    Mar 23, 2005
    Messages:
    79,918
    First Name:
    Terry
    You're welcome. :)

    You can mark this solved using the [IMG] button at the upper left of the page.
     

Short URL to this thread: https://techguy.org/1031808
