This is more a reference for me than anything else. It took me over half an hour to find how to do this correctly, so I figured I would document it.

Installing Windows 2003 Server’s Network Monitor on Windows XP

  1. Install Network Monitor on a Windows 2003 server if it is not already installed.
    1. Start -> Control Panel -> Add/Remove Programs -> Add/Remove Windows Components -> Management and Monitoring Tools -> Details -> [check] Network Monitor Tools -> OK -> Next -> Finish
  2. On the XP workstation, install the network capture driver
    1. Start -> Run -> CMD -> OK -> netcap -> the capture driver is now installed, hit the space bar to stop the packet capture
  3. Copy the netmon folder from the System32 folder on the server (%windir%system32netmon) to the System32 folder on the workstation (%windir%system32netmon).
    1. Be sure to grant system and administrator change permissions on the netmon folder and all the files/folders it contains, otherwise netmon.exe won’t start. 
    2. Be sure the “parsers” folder is included when you copy the netmon folder. Drag-and-drop copy keeps this, as does xcopy, but regular “copy” from the command prompt does not.
  4. Copy nmsupp.dll from the server (%windir%system32nmsupp.dll) to the netmon folder on the workstation.
  5. Run netmon.exe
Advertisement