Unofficial WinPcap Installer Issue

["Rob Nicholls" <robert () everythingeverything co uk>]

I've been working on a patch for the Windows installer and it seems to work
okay, but only when I'm using the official WinPcap installer. If I use the
"reverse engineered" one that's usually supplied with Nmap, it doesn't
appear to have installed itself "properly" (for lack of a better word). IIRC
it works fine after you reboot the system, possibly because Windows spots
the files and WinPcap attempts to correctly install the NPF service. My
knowledge of installing/registering drivers as system services is (or was
until earlier today) minimal and I haven't been able to work out how to get
it to work (the best I can get is a load of error messages). Is anyone else
able to take a look at this? Essentially I want to run the command "net
start npf" to start the driver immediately, so Nmap will work straight after
it's been installed.

To reproduce this, uninstall WinPcap and install the Nmap version
(winpcap-nmap-4.02.exe). Running "net start npf" gives you:

The service name is invalid.

More help is available by typing NET HELPMSG 2185.

Install the official WinPcap installer from
http://www.winpcap.org/install/bin/WinPcap_4_0_2.exe. Running "net start
npf" gives you:

The NetGroup Packet Filter Driver service was started successfully.

If someone can get this working (or help me try and get it working) I'll
submit the patch that I think makes the Nmap installer a bit more user
friendly. Otherwise I'm chalking this one down as another reason why we
should consider using the official installer, along with our lack of decent
x64 support ;) (or can we include both the official and unofficial WinPcap
installers and only run the unofficial one if the silent option is
selected?)

Cheers,

Rob



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org