![]() ![]()
I thought I would offer that up quickly as something to try, while continued the formal diagnosis. This is a workaround I have needed to use on several occasions to get the data I needed when in a pinch. ![]() I have not had time to diagnose the problem yet to determine if it lies with WinPCAP, Wireshark, Windows, or our security policies. #Wireshark no interfaces found reddit install#In my experience, I did not have a problem with obtaining temporary admin rights for the thousands of users I support when I needed to install Wireshark and WinPCAP and obtain a packet capture until Win8/10. It was meant as a workaround and troubleshooting step only. I only replied and did not mark my response as an answer or permanent solution. I saw this question in passing and decided to offer up my experience with this issue. I also saw it was a very brief and open question. In responding to this post, I saw was heading up a legitimate and technical diagnosis of the problem. Secondly, no where did I mean to insult anyone's intelligence. In fact, I follow your blogs, postings, videos, etc. First off, I recognize both of you as respected leaders of this community. Ok, and I think we have some miscommunication. So I absolutely second the warning of and if you run Wireshark as administrator you're using a potentially dangerous workaround that should be treated as a workaround (meaning: don't make it a permanent solution -)) If NPF doesn't work for you, try npcap instead: As a reference: so far, there are 48 CVE numbers assigned for Wireshark in 2017 alone: Ī much more safe way is to run Wireshark as normal user, and only allow dumpcap to access the network card via the NPF driver, which has an attack surface that is orders of a magnitude smaller. #Wireshark no interfaces found reddit code#From a security point of view it is quite careless to run Wireshark "as Administrator", because that exposes the huge (and still vulnerable) code base of the packet dissectors to potentially bad packets. Of course access to the network cards requires certain privileges, like it does on any other plattform. Happy first of all, I doubt there are that many people in the world who know more about running Wireshark on Windows than if any. ![]() #Wireshark no interfaces found reddit drivers#If this workaround is not acceptable or you'd like to work with and understand the underlying drivers better, please answer grahamb's original question and continue working through root cause with him. However, if you know your environment and what traffic you are capturing, I personally think opening an email on a network connected PC is far more risky than running wireshark (a single application on an isolated PC.) Of course, this risk increases if you are doing security investigations and capturing malicious traffic. Please adhere to your personal or company policies. As always, though, you should be careful how and where you use administrative privileges as this exposes you to more risk. Being that you're running Wireshark I assume you already understand your administrative and security footprints. As a workaround you can force wireshark to run as administrator. We definitely cant get winpcap to run at startup. Unfortunately, in win 8/10 WinPcap and Wireshark do not work well under these conditions for some reason. We may be granted temporary admin rights on an as needed basis. If that doesn't work, you may be encountering a similar problem that I have. Please see the link in the previous post to set this up correctly if you have not already done so. #Wireshark no interfaces found reddit driver#Wireshark's underlying driver (winpcap) requires administrator rights. Just because you think you have a better answer or you prefer a more detailed response does not make my answer wrong. Security risks are also fairly subjective. My response does answer the question and will more than likely work. Please be careful with words like "totally incorrect" and "incredible security risk." This is a nice and respectful community. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |