Wireshark captures a lot of information. I would set the capture up near the DC to narrow it down. Then try to determine what kind of traffic you need to look at and narrow your capture down even further. There is a lot of good information on the website.
On Tue, Mar 11, 2008 at 7:41 AM, Rankin, James R <[EMAIL PROTECTED]> wrote: > > > > I'm not a regular user of Wireshark and don't often get roped into looking > at networking stuff, so apologies if this sounds a bit dippy… > > > > Would a capture file of approx 150MB/min thru Wireshark indicate a saturated > network? I've connected a single laptop to the switch at a client site with > the NIC in promiscuous mode and it is spewing out data to the extent that it > has nearly filled the disk. The network is only 100M, so I'm thinking that > it maybe has some serious issues. Most of the traffic seems to be to or from > a single domain controller. > > > > Cheers, > > > > > > > > JR > > > > > > > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
