Wireshark mailing list archives
Multiple UAC requests when starting/using Wireshark with Npcap's "Admin-only" mode ON
From: Yang Luo <hsluoyb () gmail com>
Date: Wed, 22 Jun 2016 23:57:17 +0800
Hi list, I recently got an issue about Npcap's Admin-only mode. It's actually a pretty old question: I updated to the latest available release (Npcap 0.07 r17) and checked the
option to only allow > admin user to use it. When starting Wireshark, I had about 10 requests one after the other from UAC for NPcapHelper. Every time capture is started, it also pops up. It would be great if there was no more than a single request.
This is because Npcap will prompt a UAC window for every Npcap's DLL loading. And Wireshark invokes multiple times of dumpcap.exe, which loads Npcap's DLLs (wpcap.dll, Packet.dll). It seems that in Linux there's a special user or a group that is permitted to do the capturing. And Wireshark can run under that user/group. But on Windows, the convention is using UAC window to do the privilege escalation. So we can't copy Linux's solution here. I wonder is there any other way to solve this? Like the Wireshark GUI only uses one dumpcap.exe instance during its lifecycle? Cheers, Yang
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Multiple UAC requests when starting/using Wireshark with Npcap's "Admin-only" mode ON Yang Luo (Jun 22)
- Re: Multiple UAC requests when starting/using Wireshark with Npcap's "Admin-only" mode ON Graham Bloice (Jun 28)