Yang's status report - #16 of 16

["veotax" <hsluoyz () qq com>]

Hi everyone,

Here's my status report for the last week. I am very happy to have worked together with you guys last three months. I 
learnt a lot from my mentor Fyodor.I had great time chatting with Jacek and many other friends. And I will be busy 
looking for a job these months:)

I have finished a WFP (Windows Filter Platform) prototype this week. NetDump is a packet capturing software just like 
Wireshark. While it can sniffle loopback packets. It can display specified packets based on the filters. So if you want 
to only capture loopback ICMP packets, you can use the command: 
NetDump.exe "icmp and (ip.DstAddr == 127.0.0.1 or ip.SrcAddr == 127.0.0.1)"
PacketInjecter is a packet injecter. It can send loopback ICMP packets when running. So you can open the NetDump for 
capturing, then open PacketInjecter to send loopback ICMP packets.

This prototype is for the loopback packet missing problem for the current WinPcap. The most obvious drawback of the 
original WinPcap on Nmap is that Nmap cannot test the machine itself. I hope someone could integrate this prototype 
within the LWF version WinPcap (NPcap)

The WFP prototype:
https://svn.nmap.org/nmap-exp/yang/NetDump
https://svn.nmap.org/nmap-exp/yang/PacketInjecter

The entire code base:
https://svn.nmap.org/nmap-exp/yang/NPcap-LWF

The installer only:
https://svn.nmap.org/nmap-exp/yang/NPcap-LWF/installer/winpcap-nmap-4.1.3-NDIS6-1.2.0.exe

Accomplishments:

* Finished the WFP prototype.


Priorities:

* Have a meeting with my mentor.

Cheers,
Yang Luo
http://veotax.com
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/