[Winpcap-users] rpcapd & Wireshark 1.2.1 / WinPcap 4.1beta5

Gianluca Varenni gianluca.varenni at cacetech.com
Tue Aug 18 13:19:03 PDT 2009 

WinPcap 4.1beta4 is available at www.winpcap.org/archive

GV

----- Original Message ----- 
From: <j.snelders at telfort.nl>
To: <winpcap-users at winpcap.org>
Sent: Tuesday, August 18, 2009 12:19 PM
Subject: Re: [Winpcap-users] rpcapd & Wireshark 1.2.1 / WinPcap 4.1beta5


> How can I check that?
> BTW
> It's WinPcap 4.1beta5
>
> Thanks
> Joan
>
>>From: "Gianluca Varenni" <gianluca.varenni at cacetech.com>
> On Tue, 18 Aug 2009 11:52:56 -0700 Gianluca Varenni wrote:
>>Joan,
>>
>>do you know if WinPcap 4.1 beta4 was already broken?
>>
>>Have a nice day
>>GV
>>
>>----- Original Message ----- 
>>From: <j.snelders at telfort.nl>
>>To: <winpcap-users at winpcap.org>
>>Sent: Monday, August 17, 2009 12:36 PM
>>Subject: [Winpcap-users] rpcapd & Wireshark 1.2.1 / WinPcap 4.1beta5
>>
>>
>>> Remote capturen fails and I can't figure out why.
>>> I did start the service at the remote daemon. I've used password
>>> authentication,
>>> could select the proper interface, start Wireshark, but I didn't capture
>>> any traffic from the remote machine.
>>>
>>>
>>> I launched another instance of Wireshark and captured this traffic 
>>> during
>>> remote capture setup:
>>>  6   0.000683 192.168.100.12 -> 192.168.100.14 RPCAP 81 Authentication
>>
>>> request
>>>  7   0.089700 192.168.100.14 -> 192.168.100.12 RPCAP 62 Authentication
>>
>>> reply
>>>  8   0.089829 192.168.100.12 -> 192.168.100.14 RPCAP 62 Find all
>>> interfaces
>>> request
>>>  9   0.170706 192.168.100.14 -> 192.168.100.12 RPCAP 798 Find all
>>> interfaces
>>> reply
>>> 17  25.433024 192.168.100.12 -> 192.168.100.14 RPCAP 81 Authentication
>>
>>> request
>>> 18  25.435069 192.168.100.14 -> 192.168.100.12 RPCAP 62 Authentication
>>
>>> reply
>>> 19  25.435126 192.168.100.12 -> 192.168.100.14 RPCAP 112 Open request
>>> 20  25.437210 192.168.100.14 -> 192.168.100.12 RPCAP 70 Open reply
>>> 21  25.448845 192.168.100.12 -> 192.168.100.14 RPCAP 90 Start capture
>
>>> request
>>> 22  25.454141 192.168.100.14 -> 192.168.100.12 RPCAP 70 Start capture
>
>>> reply
>>> 26  25.455400 192.168.100.12 -> 192.168.100.14 RPCAP 414 Update filter
>>
>>> request
>>> 27  25.457252 192.168.100.14 -> 192.168.100.12 RPCAP 62 Update filter
>
>>> reply
>>>
>>> Note:
>>> When I uninstall WinPcap 4.1beta5 on the remote daemon and the local
>>> client
>>> and install WinPcap 4.0.2 everything works fine.
>>>
>>> Best regards
>>> Joan
>>>
>>>
>>> Wireshark:
>>> Version 1.2.1 (SVN Rev 29141)
>>>
>>> Copyright 1998-2009 Gerald Combs <gerald at wireshark.org> and 
>>> contributors.
>>> This is free software; see the source for copying conditions. There is
>>NO
>>> warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
>>> PURPOSE.
>>>
>>> Compiled with GTK+ 2.16.2, with GLib 2.20.3, with WinPcap (version
>>> unknown),
>>> with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI
>>
>>> 0.4.8,
>>> with c-ares 1.6.0, with Lua 5.1, with GnuTLS 2.8.1, with Gcrypt 1.4.4,
>>
>>> with
>>> MIT
>>> Kerberos, with GeoIP, with PortAudio V19-devel (built Jul 19 2009), with
>>> AirPcap.
>>>
>>> Running on Windows XP Service Pack 3, build 2600, with WinPcap version
>>4.1
>>> beta5
>>> (packet.dll version 4.1.0.1452), based on libpcap version 1.0.0, GnuTLS
>>
>>> 2.8.1,
>>> Gcrypt 1.4.4, with AirPcap 3.2.3 build 1297.
>>>
>>> Built using Microsoft Visual C++ 9.0 build 30729
>>>
>>> Wireshark is Open Source Software released under the GNU General Public
>>
>>> License.
>>>
>>> Check the man page and http://www.wireshark.org for more information.
>
>
>
>
>
> _______________________________________________
> Winpcap-users mailing list
> Winpcap-users at winpcap.org
> https://www.winpcap.org/mailman/listinfo/winpcap-users

More information about the Winpcap-users mailing list