Excuse my relative total ignorance here but I'm new to programming in this area (although been programming for 20 years).
I've written a small test program that captures packets and displays the packet sizes as well as showing a total size of the packets capture, I've noticed two things.... A) The individual packet sizes do not match those shown with EtherPeek. WinPCap packets are always smaller, generally 4 bytes but sometimes WinPCap returns 47 bytes compared to EtherPeeks 64 bytes. B) When comparing the total bytes against Windows Task managers Total Byte count on the networking tab, the winpcap total is always less than task managers. I think my question is, which is right? Is winpcap returning the size of the data transmitted over the network or are there some overheads that winpcap doesn't include? Or something else eg. I'm not comparing like for like? Thanks Cary. ================================================================== This is the WinPcap users list. It is archived at http://www.mail-archive.com/winpcap-users@winpcap.polito.it/ To unsubscribe use mailto: [EMAIL PROTECTED] ==================================================================
