RE: [WinPcap-users] Logging problem with Server 2003
Title: Message There is a known issue with Intel PRO/100 and PRO/1000 NICs. Basically, it doesn't support promiscuous mode sniffing without a registry tweak. Refer to this issue on Intel's site: http://support.intel.com/support/network/sb/CS-005897.htm It will affect all sniffer apps, regardless of whose driver is used. Hope it helps. Thank you, David Barnish "God does not play dice!" -- Albert Einstein "Not only does God play dice with the Universe - he sometimes casts them where they can't be seen." -- Stephen Hawking -Original Message-From: KOURTIS Stamatis [mailto:[EMAIL PROTECTED]Sent: Tuesday, February 08, 2005 3:01 AMTo: winpcap-users@winpcap.polito.itSubject: RE: [WinPcap-users] Logging problem with Server 2003 Hi Gianluca, I am using a Dell desktop with an Intil PRO/1000 MT Network connection card. The interesting point is that this machine was working on windows XP professional and it had no problems but the moment I installed windows 2003 then I have been having this logging problem. I have used several different tools than Ethereal (all of which rely on winpcap) and I have the same problem with all of them. For your information, I tried winpcap 3.0 and 3.1b4 but with the same results. Any ideas? Many thanks in advance Stamatis -Original Message-From: Gianluca Varenni [mailto:[EMAIL PROTECTED] Sent: Sunday 6 February 2005 22:15To: winpcap-users@winpcap.polito.itSubject: Re: [WinPcap-users] Logging problem with Server 2003 Hi. It's rather strange. WinPcap does not interact with the TCP/IP stack in any way (apart from retrieving the IP addresses of each newtork adapter). Do you have any VPN/Personal firewall software installed on your machine? Can you provide me more details on the hardware (network cards)you are using? Your network card seems to perform IP and TCP checksum offloading (i.e. the IP and TCP checksums are computed by the board, instead of the tcp/ip stack). Have a nice day GV - Original Message - From: KOURTIS Stamatis To: winpcap-users@winpcap.polito.it Sent: Friday, January 28, 2005 4:38 PM Subject: [WinPcap-users] Logging problem with Server 2003 Hi, I have recently installed etherealwith WinPcap 3.1b4on a windows 2003 server but it appears that I cannot get logged any traffic originating from the server unless a TCP flag has been set. For example, the attachement has a log of a file transfer but no packets appear to transmitted from the server although acknoledgements arrive regularly. A close examination of all server originated traffic shows that all logged packets have at least one TCP flag set. I tried otherlogging applications as well and all of them had the same problem with Ethereal and I was wondering if there is a particular issue with WinPcap. For your information,the same problem appears with WinPcap 3.0. I'd really appreciate if you could point out what might be the problemin this case. Many thanks in advance, Stamatis Do You Yahoo!?@yahoo.gr Yahoo! Mail.*DISCLAIMER*This electronic transmission (and any attached document) is intended exclusively for the person or entity to whom it is addressed and may contain confidential and/or privileged material. Any disclosure, copying, distribution or other action based upon the information by persons or entities other than the intended recipientis prohibited. If you receive this message in error, please contact the sender and delete the material from any and all computers. Mobistar does not warrant a proper and complete transmission of thisinformation, nor does it accept liability for any delays.*END OF DISCLAIMER**DISCLAIMER*This electronic transmission (and any attached document) is intended exclusively for the person or entity to whom it is addressed and may contain confidential and/or privileged material. Any disclosure, copying, distribution or other action based upon the information by persons or entities other than the intended recipientis prohibited. If you receive this message in error, please contact the sender and delete the material from any and all computers. Mobistar does not warrant a proper and complete transmission of thisinformation, nor does it accept liability for any delays.*END OF DISCLAIMER*
RE: [WinPcap-users] Logging problem with Server 2003
Title: Message Hi Gianluca, I am using a Dell desktop with an Intil PRO/1000 MT Network connection card. The interesting point is that this machine was working on windows XP professional and it had no problems but the moment I installed windows 2003 then I have been having this logging problem. I have used several different tools than Ethereal (all of which rely on winpcap) and I have the same problem with all of them. For your information, I tried winpcap 3.0 and 3.1b4 but with the same results. Any ideas? Many thanks in advance Stamatis -Original Message-From: Gianluca Varenni [mailto:[EMAIL PROTECTED] Sent: Sunday 6 February 2005 22:15To: winpcap-users@winpcap.polito.itSubject: Re: [WinPcap-users] Logging problem with Server 2003 Hi. It's rather strange. WinPcap does not interact with the TCP/IP stack in any way (apart from retrieving the IP addresses of each newtork adapter). Do you have any VPN/Personal firewall software installed on your machine? Can you provide me more details on the hardware (network cards)you are using? Your network card seems to perform IP and TCP checksum offloading (i.e. the IP and TCP checksums are computed by the board, instead of the tcp/ip stack). Have a nice day GV - Original Message - From: KOURTIS Stamatis To: winpcap-users@winpcap.polito.it Sent: Friday, January 28, 2005 4:38 PM Subject: [WinPcap-users] Logging problem with Server 2003 Hi, I have recently installed etherealwith WinPcap 3.1b4on a windows 2003 server but it appears that I cannot get logged any traffic originating from the server unless a TCP flag has been set. For example, the attachement has a log of a file transfer but no packets appear to transmitted from the server although acknoledgements arrive regularly. A close examination of all server originated traffic shows that all logged packets have at least one TCP flag set. I tried otherlogging applications as well and all of them had the same problem with Ethereal and I was wondering if there is a particular issue with WinPcap. For your information,the same problem appears with WinPcap 3.0. I'd really appreciate if you could point out what might be the problemin this case. Many thanks in advance, Stamatis Do You Yahoo!?@yahoo.gr Yahoo! Mail.*DISCLAIMER*This electronic transmission (and any attached document) is intended exclusively for the person or entity to whom it is addressed and may contain confidential and/or privileged material. Any disclosure, copying, distribution or other action based upon the information by persons or entities other than the intended recipientis prohibited. If you receive this message in error, please contact the sender and delete the material from any and all computers. Mobistar does not warrant a proper and complete transmission of thisinformation, nor does it accept liability for any delays.*END OF DISCLAIMER* *DISCLAIMER* This electronic transmission (and any attached document) is intended exclusively for the person or entity to whom it is addressed and may contain confidential and/or privileged material. Any disclosure, copying, distribution or other action based upon the information by persons or entities other than the intended recipient is prohibited. If you receive this message in error, please contact the sender and delete the material from any and all computers. Mobistar does not warrant a proper and complete transmission of this information, nor does it accept liability for any delays. *END OF DISCLAIMER*
Re: [WinPcap-users] Logging problem with Server 2003
Title: Message Hi. It's rather strange. WinPcap does not interact with the TCP/IP stack in any way (apart from retrieving the IP addresses of each newtork adapter). Do you have any VPN/Personal firewall software installed on your machine? Can you provide me more details on the hardware (network cards)you are using? Your network card seems to perform IP and TCP checksum offloading (i.e. the IP and TCP checksums are computed by the board, instead of the tcp/ip stack). Have a nice day GV - Original Message - From: KOURTIS Stamatis To: winpcap-users@winpcap.polito.it Sent: Friday, January 28, 2005 4:38 PM Subject: [WinPcap-users] Logging problem with Server 2003 Hi, I have recently installed etherealwith WinPcap 3.1b4on a windows 2003 server but it appears that I cannot get logged any traffic originating from the server unless a TCP flag has been set. For example, the attachement has a log of a file transfer but no packets appear to transmitted from the server although acknoledgements arrive regularly. A close examination of all server originated traffic shows that all logged packets have at least one TCP flag set. I tried otherlogging applications as well and all of them had the same problem with Ethereal and I was wondering if there is a particular issue with WinPcap. For your information,the same problem appears with WinPcap 3.0. I'd really appreciate if you could point out what might be the problemin this case. Many thanks in advance, Stamatis Do You Yahoo!?@yahoo.gr Yahoo! Mail.*DISCLAIMER*This electronic transmission (and any attached document) is intended exclusively for the person or entity to whom it is addressed and may contain confidential and/or privileged material. Any disclosure, copying, distribution or other action based upon the information by persons or entities other than the intended recipientis prohibited. If you receive this message in error, please contact the sender and delete the material from any and all computers. Mobistar does not warrant a proper and complete transmission of thisinformation, nor does it accept liability for any delays.*END OF DISCLAIMER*
