Monitor loopback traffic (monitor MS TCP Loopback interface traffic) with Microsoft Network Monitor 3.4 - possible?

Solution 1

This is "impossible" with Windows because the Microsoft TCP/IP stack does not have a loopback interface like BSD systems do. In fact, you can't see traffic that is sent from one Windows PC to any IP address that is bound to a local NIC, even if they're non-loopback addresses.

Having said the above, you can use a tool that utilizes raw sockets in Windows to capture any and all traffic that is being moved around in the PC. An example of such a tool would be RawCap. You would then save the capture that RawCap takes and import it into Network Monitor to examine.

Here are some references that should get you going in the right direction:

  1. Ethereal's discussion on loopback interface traffic
  2. StackOverflow question: Windows packet sniffer that can capture loopback traffic?
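
Before importing a saved capture into an analyzer, it can be checked directly for loopback packets. The following is an added example, not part of the original answer; it assumes the capture is a classic pcap file with a raw-IP or Ethernet link type, and the function names and sample packets are constructed for illustration.

```python
import ipaddress
import struct

LINKTYPE_ETHERNET = 1
LINKTYPE_RAW = 101  # each record starts directly at the IP header
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")
MAGIC = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}  # byte order of the file


def loopback_packets(pcap_bytes):
    """Return (src, dst, ip_protocol) for every IPv4 packet touching 127.0.0.0/8."""
    endian = MAGIC.get(pcap_bytes[:4])
    if endian is None:
        raise ValueError("not a classic pcap file")
    linktype = struct.unpack(endian + "I", pcap_bytes[20:24])[0]
    if linktype not in (LINKTYPE_ETHERNET, LINKTYPE_RAW):
        raise ValueError(f"unsupported link type {linktype}")
    hits, offset = [], 24  # the global header is 24 bytes
    while offset + 16 <= len(pcap_bytes):
        incl_len = struct.unpack(endian + "I", pcap_bytes[offset + 8:offset + 12])[0]
        frame = pcap_bytes[offset + 16:offset + 16 + incl_len]
        offset += 16 + incl_len
        if linktype == LINKTYPE_ETHERNET:
            if len(frame) < 14 or frame[12:14] != b"\x08\x00":
                continue  # EtherType is not IPv4
            frame = frame[14:]
        if len(frame) < 20 or frame[0] >> 4 != 4:
            continue  # truncated record or not IPv4
        src = ipaddress.ip_address(frame[12:16])
        dst = ipaddress.ip_address(frame[16:20])
        if src in LOOPBACK or dst in LOOPBACK:
            hits.append((str(src), str(dst), frame[9]))
    return hits


def build_sample_pcap():
    """Constructed sample: raw-IP pcap, one ICMP echo to 127.0.0.1, one non-loopback packet."""
    def ipv4(src, dst, proto, payload):
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 128, proto, 0,
                           ipaddress.ip_address(src).packed,
                           ipaddress.ip_address(dst).packed) + payload
    packets = [ipv4("127.0.0.1", "127.0.0.1", 1, b"\x08\x00\xf7\xff\x00\x00\x00\x00"),
               ipv4("192.0.2.10", "192.0.2.20", 6, b"\x00" * 20)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_RAW)
    for p in packets:
        out += struct.pack("<IIII", 0, 0, len(p), len(p)) + p
    return out


if __name__ == "__main__":
    for src, dst, proto in loopback_packets(build_sample_pcap()):
        print(src, "->", dst, "proto", proto)
```

An empty result from a real capture means no IPv4 loopback packets were recorded, which is what the question describes seeing in Network Monitor 3.4.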

Solution 2

As of 2014 this is possible with Microsoft Message Analyzer (which replaced Network Monitor). Instructions for configuring loopback capture are in this blog post. Note that the download link in the blog post is broken, but the link above should work.

I was able to successfully capture loopback traffic using this tool on Windows 10.

Author by

colemik

Updated on September 18, 2022

Comments

  • colemik over 1 year

    I've downloaded NM 3.4 from microsoft.com and it appears that the software doesn't capture traffic on MS TCP Loopback interface. When I ping 127.0.0.1 address, NM shows no packets flowing. I've tried both promiscuous / standard NIC mode with no luck. The only way I know so far to capture loopback traffic on Windows machines is to use RawCap.

    I'm using Windows XP SP3.

    Regards.

  • Codeguard over 2 years
    There is no need to configure, even. Just click Loopback and unencrypted IPSEC on the start page.