Intro

If you need to capture network traffic from a Windows server, you may find that standards or controls in your organisation prevent or forbid you from installing tools such as Wireshark on your Windows servers. This may be enforced by AppLocker or other controls. However, if you do have Administrator access on the server, you can still capture the traffic and convert it to a format you can load into Wireshark on a desktop machine (or analyse using tcpdump or other tools on a Linux system). There is no requirement to install Wireshark on the server: you can use built-in tools to achieve this.

Cirrius Tech | Serious About Tech

This is the personal blog of Graham Gold, covering all aspects of tech that interest me both personally and professionally. To see more about me visit my About Me page.

IT Professional