How to Take a Native Network Capture on Microsoft Systems
The KEMP LoadMaster has tcpdump installed and available via the Web User Interface (WUI) so network traffic can be easily captured to help diagnose connection problems. However, sometimes it is necessary to take a capture from a client or server system as well.
This can be a problem for many customers because they do not have the necessary tools installed on the system and it may not be possible to add them due to security or policy reasons, especially with critical servers.
Luckily, Rob Vandenbrink at InfoSec Handlers has written a great article on using the Windows netsh utility to capture network traffic from Microsoft systems without the need for any third party software. This is also advantageous when running Microsoft Server Core which only has Command Line Interface (CLI) access.
For more details on how to take native network captures on Microsoft systems check out Rob's article: No Wireshark? No TCPDump? No Problem!.