Yang's Status Report - #3 of 17

[食肉大灰兔V5 <hsluoyz () gmail com>]

Hi all,


This week I got several bugs fixed for NPcap. NPcap is a substitute
for WinPcap but more advanced with Microsoft latest Light-Weight
Filter technology embeded in it. Latest installer package is provided
as:

*https://svn.nmap.org/nmap-exp/yang/NPcap-LWF/installer/winpcap-nmap-4.1.3-NDIS6-1.2.1.exe
<https://svn.nmap.org/nmap-exp/yang/NPcap-LWF/installer/winpcap-nmap-4.1.3-NDIS6-1.2.1.exe>*


Remember: as our certificate is outdated, Win 7,8,8.1 x64 OS would
fail installing winpcap-nmap-4.1.3-NDIS6-1.2.1.exe as we didn't code
sign the x64 driver. You need to disbale "Driver Signature
Enforcement" on your Windows x64 before installing. (How to disable
it: 
http://answers.microsoft.com/en-us/insider/forum/insider_wintp-insider_devices/how-do-i-disable-driver-signature-enforcement-win/a53ec7ca-bdd3-4f39-a3af-3bd92336d248).




Accomplishments:

* Fix bugs provided by Wireshark Core Team.

0001-Fix-issues-reported-by-Pascal.patch
0002-Fix-hang-in-NPF_Write.patch

* About the Win 10 driver code-sign issue, as NPcap is a "kernel-mode
driver", we need the "Extended Validation (EV) Code Signing" type
certificate instead of the "Standard Code Signing". Microsoft provided
two companies to buy cert from: Symantec or DigiCert. Certs from two
companies function the same, but DigiCert is much cheaper.


* Test NPcap in Windows 10 Technical Preview Build 10102
(10102.0.150417-2325.WINMAIN_PRS_CLIENTPRO-CORE_OEMRET_X64FRE_EN-US.ISO)
and it runs good.



Priorities:

* Further test and popularize NPcap.

* Have a meeting with fyodor for the next step.




Cheers,
Yang Luohttp://www.veotax.com <http://veotax.com/>

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/