Wireshark · Wireshark-dev: [Wireshark-dev] Plan to make NPcap available for Wireshark

Wireshark-dev: [Wireshark-dev] Plan to make NPcap available for Wireshark

Date: Sat, 4 Jul 2015 10:26:13 +0800

Hi list,

Given that current Wireshark can't make use of NPcap because of the DLL search path problem mentioned in https://www.wireshark.org/lists/wireshark-dev/201506/msg00030.html, I'd like to make a patch for Wireshark. As it is a security consideration that Wireshark don't want to search the DLLs in the Windows way. My plan is to explicitly add the NPcap path to Wireshark's DLL search logic. NPcap uses the "C:\Windows\System32\NPcap" and "C:\Windows\SysWow64\NPcap" to store its DLLs (WinPcap uses "C:\Windows\System32" and "C:\Windows\SysWow64" directly). As it is a sub directory of System32 folder. Its access control policy is the same with System32, and there should be no security problem I think. The second question is if WinPcap and NPcap are both available in a system, which will be loaded first? I'd like to hear your opinions:)

Cheers,

Yang

Follow-Ups:
- Re: [Wireshark-dev] Plan to make NPcap available for Wireshark
  - From: Pascal Quantin
- Re: [Wireshark-dev] Plan to make NPcap available for Wireshark
  - From: Joerg Mayer

Prev by Date: Re: [Wireshark-dev] Is Wireshark maintaining the official WinPcap repo now?
Next by Date: Re: [Wireshark-dev] Buildbot Lua Init Tests
Previous by thread: Re: [Wireshark-dev] Buildbot Lua Init Tests
Next by thread: Re: [Wireshark-dev] Plan to make NPcap available for Wireshark
Index(es):
- Date
- Thread