Fiddler Capacity?

6 posts, 0 answers
  1. Sean
    Sean avatar
    3 posts
    Member since:
    Aug 2014

    Posted 12 Aug 2014 Link to this post

    Hi there,

    This is my first time using fiddler so apologies if I'm wrong anywhere...

    I have to do 24 hour monitoring with Fiddler to capture an errant program which never seems to be working at any particular time.

    Trouble is it does 5-7GB downloads in an hour and I need to locate it.

    what is the capacity of Fiddler and how do I get it to right out on intervals?  Last nights 12 hour session seemed to loop and overwrite earlier entries

    Many thanks in advance,

    regards
    Seán
  2. Eric Lawrence
    Admin
    Eric Lawrence avatar
    833 posts

    Posted 14 Aug 2014 Link to this post

    Hello, Sean--

    Fiddler does not have a "fixed capacity" of any sort; if you are running the 64bit version, Fiddler will log traffic until you run out of memory/disk space.

    When you say "an errant program"-- what makes it errant? If the criteria are something that can be computed, you could configure Fiddler to keep only the errant traffic and discard everything else.

    You can configure Fiddler to periodically dump all of its traffic to disk on the schedule of your choosing, but this would require writing some script, and it wouldn't be that different than simply letting Fiddler keep all of the traffic in (virtual) memory.

    Regards,
    Eric Lawrence
    Telerik
     

    Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.

     
  3. Sean
    Sean avatar
    3 posts
    Member since:
    Aug 2014

    Posted 14 Aug 2014 in reply to Eric Lawrence Link to this post

    Thanks Eric,  I subsequently found that a program had downloaded >10G onto my C: drive...

    Anyway the errant program problem...

    A simple network with a 4G router...everything going into a switch.

    Hourly I have a script that takes the stats from the router which shows normal usage for 23 hours a day until between (pick any hour) and I see a 5-10GB download from the net.

    OK so I remove everything from the router and enforce whitelists on MAC address and made my PC Fiddler Proxy.

    What I've discovered is that my iPADs are the culprit. - There is no cloud there is no X, Y, Z...but whenever it connects to the network I see within the next 24 hours a Mega download of 5-10GB.

    I see the traffic from the iPad in Fiddler, but not the 10G...and I have no-idea where it is coming from.  But when I remove it from the network...there is no traffic of this size...

    So I'm trying to analyse which of the programs on the iPad is causing a invisible mega download on my net.

    It's absolutely kiing my service.  I didn't realize until last week when I looked and saw in three weeks I'd downloaded in excess of 250G...but where?  Still looking...

    Thanks and regards
    Seán

  4. Graeme
    Graeme avatar
    31 posts
    Member since:
    Aug 2014

    Posted 14 Aug 2014 in reply to Sean Link to this post

    Maybe whatever is doing that large download is not using http or https?
  5. Sean
    Sean avatar
    3 posts
    Member since:
    Aug 2014

    Posted 14 Aug 2014 in reply to Graeme Link to this post

    Yeah, that's my problem.  I have fiddler recording HTTP, HTTPS and FTP...what other protocols am I missing and can Fiddler recognize them?  I can only think of streaming...but the ipads isn't (shouldn't) be doing that...and it's generally not in use at 3am..

    If anyone could suggest any ideas that would be great...

    thanks and best regards
    Seán

  6. Eric Lawrence
    Admin
    Eric Lawrence avatar
    833 posts

    Posted 14 Aug 2014 Link to this post

    Hi, Sean--

    Fiddler only captures traffic that is sent to it (e.g. for which it is acting as a proxy). It supports HTTP, HTTPS and FTP, but there are many other TCP/IP protocols including streaming protocols which Fiddler doesn't display.

    Typically, you'd want to get a TCP/IP dump using Wireshark or TCP Dump and then have a look at that traffic at the TCP level.

    Regards,
    Eric Lawrence
    Telerik
     

    Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.

     
Back to Top