VMware Communities > VMTN > Desktop Products > VMware Fusion > Discussions
Up to Discussions in VMware Fusion

This Question is Possibly Answered

1 "correct" answer available (10 pts)
9 Replies Last post: Aug 14, 2007 7:12 AM by rsa911
Reply

VMware Fusion 1.0 and sniffers = BSOD ... help?

Aug 14, 2007 6:01 AM

Click to view pitogo's profile Novice pitogo 27 posts since
Jul 13, 2006
Hey all,

Well hope you guys are all having fun. On Mac OS X the only sniffer option I know about are wireshark and Etherpeek (no longer being updated). As good as they are I wanted to try more updated and advanced sniffers one was Sniffer Portable from Network General and the other was OmniPeek Enterprise from Wild Packets. I am in a trial/demo program for both but unfortunately I can't capture because they both crash my system with a BSOD. Is there anything I can do to run those programs under virtualization or am I just SOL.

Thanks in advance.

Mike

Message was edited by:
pitogo
Reply Re: VMware Fusion 1.0 and sniffers = BSOD ... help? Aug 14, 2007 6:14 AM
Click to view rsa911's profile Virtuoso rsa911 1,877 posts since
Aug 3, 2007
personally, I usually use the standard Microsoft netmon to capture packets then once done, copy the file to another machine where I have multiple network analyzers at hand
most network analyzers support natively microsoft netmon file format

until now, Netmon has always run fined on the many vm format i've tried

just my 2ct, give it a try and report back your experience, it's interesting ;-)
Reply Re: VMware Fusion 1.0 and sniffers = BSOD ... help? Aug 14, 2007 6:18 AM
in response to: rsa911
Click to view pitogo's profile Novice pitogo 27 posts since
Jul 13, 2006
Oh cool, never thought of that. I can try using netmon to capture data then analyze it in the program. The program doesn't crash until it tries to take control of the interface.
Reply Re: VMware Fusion 1.0 and sniffers = BSOD ... help? Aug 14, 2007 6:21 AM
in response to: rsa911
Click to view pitogo's profile Novice pitogo 27 posts since
Jul 13, 2006
oops duplicate

Message was edited by:
pitogo
Reply Re: VMware Fusion 1.0 and sniffers = BSOD ... help? Aug 14, 2007 6:31 AM
Click to view Andreas Masur's profile Expert Andreas Masur 843 posts since
Feb 26, 2007
Do you actually have a screenshot of the crash? What is the stop code? Does it happen while capturing?

Ciao, Andreas
Reply Re: VMware Fusion 1.0 and sniffers = BSOD ... help? Aug 14, 2007 6:40 AM
in response to: Andreas Masur
Click to view pitogo's profile Novice pitogo 27 posts since
Jul 13, 2006
I would take a screenshot but it reboots way too fast, I get a flash of blue with the stop code then it boots up. No it does not happen while capturing because it happens before the programs can start capturing. Both OmniPeek Ent and Sniffer Portable (even wireshark for Windows) launches like a normal app then when you click the start or capture button Windows immediately goes into a BSOD that flashes way too fast to read or get a screen shot my best attempt was a half black half white screen as it went to change into the boot mode.
Reply Re: VMware Fusion 1.0 and sniffers = BSOD ... help? Aug 14, 2007 6:50 AM
Click to view Wes W.'s profile Enthusiast Wes W. 37 posts since
Jun 19, 2007
Not being a fan of Windows, let alone paying for it, here are my free suggestions:

1) Easiest, pickup a Virtual Appliance pre-configured for network security auditing, such as BackTrack. http://www.vmware.com/appliances/directory/122

2) Install Solaris, FreeBSD, OpenBSD, or whatever Unix you like on your own VM and have more control to learn and explore more about network security. Solaris' 'snoop' command is dirt simple, or you can install Ethereal on almost anything.

HTH.
Reply Re: VMware Fusion 1.0 and sniffers = BSOD ... help? Aug 14, 2007 6:55 AM
in response to: pitogo
Click to view rsa911's profile Virtuoso rsa911 1,877 posts since
Aug 3, 2007
I would take a screenshot but it reboots way too fast

control panel -- system - advanced -- startup and recovery
disable 'automatically restart'
your blue screen will stay displayed until you reset the Vm
Reply Re: VMware Fusion 1.0 and sniffers = BSOD ... help? Aug 14, 2007 7:04 AM
in response to: Wes W.
Click to view pitogo's profile Novice pitogo 27 posts since
Jul 13, 2006
I am trying out enterprise products for use in our ESX environment. But first trying it out on my workstation with no luck. Wireshark is much better than Ethereal but I need something with advanced diagnostics or intellegence that can weed out problems through the noise of even a filtered capture.

install Ethereal on almost anything.

HTH.

Reply Re: VMware Fusion 1.0 and sniffers = BSOD ... help? Aug 14, 2007 7:12 AM
in response to: pitogo
Click to view rsa911's profile Virtuoso rsa911 1,877 posts since
Aug 3, 2007
I suggest you open a new thread in the ESX forum to get some advice on the recommended network analyzers for an ESX platform
the gurus out there should get you the definitive answer ;-)
Actions
Up to Discussions in VMware Fusion