Re: NGSEC's penetration test sniffer

["The Blueberry" <acr872k () hotmail com>]

> [...] In particular it needs WinPcap to be installed. And,
> of course, you really need to be able to uninstall WinPcap once the
> job is finished.
>
>  Or is it just that I haven't figured out how install and uninstall
> WinPCap using only a command line or batch interface?

Oh well I've already looked for that one and yes, the WinPCap driver is 
[un]installable from the command line. They simply make it a bit harder (?) 
to find how because of the multiple problems they get when everyone ships 
his WinPCAP driver with their softwares. Basically, you have to copy npf.sys 
to the system32\drivers folder and wpcap.dll+packet.dll to the system32 
folder. Then, start any software/utility that uses WinPCap and when 
packet.dll is loaded for the first time, it will make all what's necessary 
(reg entries, service registration, etc.) for the driver to work. So a 
simple batch file that copies the 3 files for the installation and for the 
uninstallation, a net stop npf, instsrv npf remove and the deletion of the 3 
files works fine. The driver must not be loaded while the uninstallation 
(WPcap team: correct me if I'm wrong on that one). Also, be sure that you 
use the proper file versions for packet.dll and npf.sys. Hope that helps!!

~TB

_________________________________________________________________
Join the world’s largest e-mail service with MSN Hotmail. 
http://www.hotmail.com


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/