Re: Windows32 Snort without WPcap.dll?

["Keith W. McCammon" <keith-list () mccammon org>]

No can do, as far as I'm aware.  Even if you're using the built-in 
Windows packet analysis tool, you need to install their capture driver. 
  Over-simplification follows...

Under normal circumstances, an application would open up a socket for 
network communication, and the stack then keeps track of these sockets 
and binding applications.  When you're running a capture engine, you're 
asking for a copy of every packet that crosses the stack, independent of 
the application.  Thus, you need a special driver.

Steven Bairstow wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Does anyone know of a version of Snort for MS Windows that can be run
> without installing WPcap.dll?  I don't need the interface to be in
> promiscuous mode as I only need to see the local traffic. 
> Ultimately, I would like to be able to run Snort without rebooting
> the machine or installing any software onto the machine.  
>
> Thanks.
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 8.0.3
>
> iQA/AwUBQM3QBEcxdTMMgeE8EQL3TQCeKd2mK1rDtgwWOMtO6Yw6hADykP0AoLQk
> YgormcP3S0ozq3PdelkhAB0v
> =Gnd7
> -----END PGP SIGNATURE-----


-------------------------------------------------------
This SF.Net email is sponsored by the new InstallShield X.
> From Windows to Linux, servers to mobile, InstallShield X is the
one installation-authoring solution that does it all. Learn more and
evaluate today! http://www.installshield.com/Dev2Dev/0504
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users