Page 1 of 1
starting WireShark in native console mode on EVE-NG-PRO
Posted: Tue Mar 27, 2018 4:41 am
by j0liu002
since I upgraded to PRO, the Wireshark stopped working in NATIVE CONSOLE mode, prompted me to open a file: 10.x.x.x_12365.rdp, I have no idea how to go from there (I am running windows 10).
This was easily configured when in Community Edition.
I can only get around this issue when using HTML5 console mode, but all wireshark and Telnet session now is running on browser TAB, for wireshark in TAB is bearable, but running multiple TELNET session on multiple browser TABs drive me nuts .... on SecureCRT I enjoy viewing multiple small telnet session windows on "Tile" mode, but now I have to switch back and forth, back and forth, back and forth between telnet sessions ..... oh god !
Help me !!
Re: starting WireShark in native console mode on EVE-NG-PRO
Posted: Tue Mar 27, 2018 7:49 am
by Uldis (UD)
exactly, no more local Wireshark in use for EVE pro.
EVE PRO Wireshark opens as RDP session and start live capture.
If you want save that file, simply stop capture and then File/Save As/
double click on thinclient, it will show your Local pc HDDs, to choose location where to save capture file..
Native Telnet is working as before, CRT tabbed.
But HTML desktop, you can try such trick what I shown in presentation video.
https://www.youtube.com/watch?v=aLZJXwZN0fk&t=1s
UD
Re: starting WireShark in native console mode on EVE-NG-PRO
Posted: Tue Mar 27, 2018 7:50 am
by Uldis (UD)
Visit live chat I will give advice.
http://www.eve-ng.net/index.php/live-helpdesk
use google account or create new account for chat.
UD-EVE
Re: starting WireShark in native console mode on EVE-NG-PRO
Posted: Tue Mar 27, 2018 3:07 pm
by j0liu002
Thanks, UD!
When in native console mode, If I try to start the wireshark capture, I have the option to save as *.rdp file.
BUT, where is this "Thinclient" ? how to launch the RDP session, it's opened, by default, as WINDOWS remote desktop session, not as xrdp ...
regards
Re: starting WireShark in native console mode on EVE-NG-PRO
Posted: Tue Mar 27, 2018 7:47 pm
by Uldis (UD)
First you can set that RDP file opens always once you receive such, BUT not save on PC...
Second: open RDP the capture will start...
to save capture, press red sop button
then
File/Save AS/
double click on thinclient
save file on local pc
very easy
Re: starting WireShark in native console mode on EVE-NG-PRO
Posted: Wed Mar 28, 2018 3:29 pm
by j0liu002
Thanks a lot!
Somehow, I was never able to successfully start the RDP session (the EVE NG Pro is running on a separate box, barebone mode), it always time out.
But today, all of sudden, the RDP connected!! ..... I never made any changes to it, make me scratch my head, wondering why ??
Nevertheless, I am happy to see the wireshark live.
Regards
James