

Probably the most common way of capturing network data is not a decision between SPAN or TAP – it is Wireshark simply being installed on one of the computers that need to be analyzed. While this is an easy way to capture network packets, it is also an easy way to get “wrong” results, because there are a lot of side effects when capturing packets directly on a computer. I discussed a lot of these side effects in my Sharkfest 2013 talk “PA-14: Top 5 False Positives” already, but let’s go check them out again.

There are a couple of reasons why someone would run Wireshark on a computer to see what packets are coming in and going out. Some are just interested in what kind of communication is going on and there is no need to get very exact results.

Side effect #1 – Changing the problem environment
