While troubleshooting a network connection with Wireshark, I discovered that CIS is causing an issue with my packet captures. For some reason, when CIS is installed on my machine, it is causing only half of the traffic to be captured. For example, if I ping from my machine I can see the echo-reply packets coming from the destination but I do Not see any of the echo-requests going out from my computer. After pulling my hair out for a while, I finally decided to uninstall CIS and the problem cleared up immediately; packets were showing up in both directions again in my sniffs. I reinstalled CIS and the problem came right back. I tried disabling everything in CIS: Antivirus, Firewall, Auto-Containment, HIPS, VirusScope, and Website Filtering. Even with all of it off the packet captures are still showing only traffic inbound.
The only solution thus far has been to completely remove CIS.
I’m running Wireshark version 2.4.4, the problem was also happening on 2.4.3.
Any suggestions would be greatly appreciated. I’ve been a huge fan of CIS for more than half a decade now and I would hate to have to part with it because of this, but I need Wireshark to be able to do my job.