Penetration Testing mailing list archives

Re: Sniffers, scanners and XP raw packet drivers

From: Ken.Williams () ey com
Date: Thu, 13 Dec 2001 12:30:30 -0600

I have had no problems with Ethereal, NmapNT and fport on
Win XP Pro, and can verify that they work on a (basically)
vanilla system after installing everything correctly and
following the tool installation and usage instructions.
make sure you are using the WinPcap 2.3 beta drivers though.

sounds like you may have issues with installation of the
packet capture library and/or system configuration.

Regards,
ken

Ken Williams   Technical Lead   ken.williams () ey com
eSecurityOnline - an eSecurity Venture of Ernst & Young
ken.williams () ey com    www.esecurityonline.com    1-877-eSecurity





                    "Simon"
                    <simon@derisi        To:     "PenTest"
<pen-test () securityfocus com>
                    on.net>              cc:
                                         Subject:     Sniffers, scanners
and XP raw packet drivers
                    12/13/2001
                    06:51 AM
                    Please
                    respond to
                    simon






Folks,

Anyone had any success getting Ethereal and other tools to work under
Windows XP Pro?
even if Winpcap installed:

  Ethereal won't find an interface,
  ISS can't find raw packet drivers for some of its scans are disabled
  Nmapnt can't find any suitable interfaces
  Foundstone fport won't resolve ports to process owners (although fscan
and superscan run fine)
  .... (the list goes on)

All these worked on my laptop nicely under Windows 2000? Does anyone
have a solution to this? I guess what I need is a raw packet capture
driver that works under winXP... Any ideas?

Aaarrrgggh,

Simon, CISSP



----------------------------------------------------------------------------


This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/







______________________________________________________________________
The information contained in this message may be privileged and
confidential and protected from disclosure.  If the reader of this message
is not the intended recipient, or an employee or agent responsible for
delivering this message to the intended recipient, you are hereby notified
that any dissemination, distribution or copying of this communication is
strictly prohibited. If you have received this communication in error,
please notify us immediately by replying to the message and deleting it
from your computer.  Thank you.  Ernst & Young LLP


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

Sniffers, scanners and XP raw packet drivers Simon (Dec 13)
- Re: Sniffers, scanners and XP raw packet drivers Philipp Stucke (Dec 13)
- RE: Sniffers, scanners and XP raw packet drivers Marc Maiffret (Dec 13)
- <Possible follow-ups>
- Re: Sniffers, scanners and XP raw packet drivers Ken . Williams (Dec 13)
- RE: Sniffers, scanners and XP raw packet drivers gwasson (Dec 13)
- RE: Sniffers, scanners and XP raw packet drivers Shackleford, Dave (Dec 13)
- RE: Sniffers, scanners and XP raw packet drivers Ken . Williams (Dec 17)