[Winpcap-users] rpcapd & Wireshark 1.2.1 / WinPcap 4.1beta5

Gianluca Varenni gianluca.varenni at cacetech.com
Tue Aug 18 11:52:56 PDT 2009 

Joan,

do you know if WinPcap 4.1 beta4 was already broken?

Have a nice day
GV

----- Original Message ----- 
From: <j.snelders at telfort.nl>
To: <winpcap-users at winpcap.org>
Sent: Monday, August 17, 2009 12:36 PM
Subject: [Winpcap-users] rpcapd & Wireshark 1.2.1 / WinPcap 4.1beta5


> Remote capturen fails and I can't figure out why.
> I did start the service at the remote daemon. I've used password 
> authentication,
> could select the proper interface, start Wireshark, but I didn't capture
> any traffic from the remote machine.
>
>
> I launched another instance of Wireshark and captured this traffic during
> remote capture setup:
>  6   0.000683 192.168.100.12 -> 192.168.100.14 RPCAP 81 Authentication 
> request
>  7   0.089700 192.168.100.14 -> 192.168.100.12 RPCAP 62 Authentication 
> reply
>  8   0.089829 192.168.100.12 -> 192.168.100.14 RPCAP 62 Find all 
> interfaces
> request
>  9   0.170706 192.168.100.14 -> 192.168.100.12 RPCAP 798 Find all 
> interfaces
> reply
> 17  25.433024 192.168.100.12 -> 192.168.100.14 RPCAP 81 Authentication 
> request
> 18  25.435069 192.168.100.14 -> 192.168.100.12 RPCAP 62 Authentication 
> reply
> 19  25.435126 192.168.100.12 -> 192.168.100.14 RPCAP 112 Open request
> 20  25.437210 192.168.100.14 -> 192.168.100.12 RPCAP 70 Open reply
> 21  25.448845 192.168.100.12 -> 192.168.100.14 RPCAP 90 Start capture 
> request
> 22  25.454141 192.168.100.14 -> 192.168.100.12 RPCAP 70 Start capture 
> reply
> 26  25.455400 192.168.100.12 -> 192.168.100.14 RPCAP 414 Update filter 
> request
> 27  25.457252 192.168.100.14 -> 192.168.100.12 RPCAP 62 Update filter 
> reply
>
> Note:
> When I uninstall WinPcap 4.1beta5 on the remote daemon and the local 
> client
> and install WinPcap 4.0.2 everything works fine.
>
> Best regards
> Joan
>
>
> Wireshark:
> Version 1.2.1 (SVN Rev 29141)
>
> Copyright 1998-2009 Gerald Combs <gerald at wireshark.org> and contributors.
> This is free software; see the source for copying conditions. There is NO
> warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR 
> PURPOSE.
>
> Compiled with GTK+ 2.16.2, with GLib 2.20.3, with WinPcap (version 
> unknown),
> with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI 
> 0.4.8,
> with c-ares 1.6.0, with Lua 5.1, with GnuTLS 2.8.1, with Gcrypt 1.4.4, 
> with
> MIT
> Kerberos, with GeoIP, with PortAudio V19-devel (built Jul 19 2009), with
> AirPcap.
>
> Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.1
> beta5
> (packet.dll version 4.1.0.1452), based on libpcap version 1.0.0, GnuTLS 
> 2.8.1,
> Gcrypt 1.4.4, with AirPcap 3.2.3 build 1297.
>
> Built using Microsoft Visual C++ 9.0 build 30729
>
> Wireshark is Open Source Software released under the GNU General Public 
> License.
>
> Check the man page and http://www.wireshark.org for more information.
>
>
>
>
> _______________________________________________
> Winpcap-users mailing list
> Winpcap-users at winpcap.org
> https://www.winpcap.org/mailman/listinfo/winpcap-users

More information about the Winpcap-users mailing list