[Winpcap-users] How to find out the current locally installed version of WinPCap?

Fish fish at infidels.org
Wed Feb 25 23:20:40 PST 2009


 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ben Stover wrote:

> I somehow guess that WinPCap is already installed on a certain 
> local computer (under WinXP+SP3).
> 
> How can I find out if WinPCap is installed and if yes which
> version? 
>
> Is WinPCap implemented as a DLL or as a SYS driver?


While Gianluca would of course be the one to give you THE
authoritative answer, allow me to try since the question is simple
enough and I believe I know the proper answer.


If WinPCap is installed then the following registry key should exist:

  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinPcapInst


WinPcap consists of both a device driver ("npf.sys") as well as
several DLLs, one of which is called "packet.dll".

To determine which version of WinPCap is installed, simply call
either of the packet.dll's "PacketGetVersion" and/or
"PacketGetDriverVersion" functions. They're both "typedef PCHAR
GETWINPCAPVERSIONFUNC()" functions.

They're both currently coded to return the same value: the
packet.dll's "PacketLibraryVersion" string constant (which is also
exported in addition to the aforementioned "GETWINPCAPVERSIONFUNC"
functions).

- -- 
"Fish" (David B. Trout) - fish at softdevlabs.com
Fight Spam! Join CAUCE! <http://www.cauce.org/>
7 reasons why HTML email is a bad thing
http://www.georgedillon.com/web/html_email_is_evil.shtml
PGP key fingerprints:
RSA: 6B37 7110 7201 9917 9B0D 99E3 55DB 5D58 FADE 4A52
DH/DSS: 9F9B BAB0 BA7F C458 1A89 FE26 48F5 D7F4 C4EE 3E2A

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBSaZCx0j11/TE7j4qEQK/xgCcDMBYq+4iUINvM+y3K+D0EIHr1o0AoLnI
IgtbZ6mCPCSCctwaioAlwCjP
=oYhU
-----END PGP SIGNATURE-----
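
The checks described in the message above, combined into one inventory function. This is an added example, not part of the original post and not WinPcap project code. The registry key, "npf.sys", "packet.dll" and the two function names come from the post; the System32 paths, the WOW6432Node fallback, the DisplayVersion value name and the function name Get-WinPcapInfo are assumptions.

```powershell
# Added example (not from the original post). Run from a PowerShell of the
# machine's native bitness so that System32 is not redirected.
function Get-WinPcapInfo {
    $sub  = 'Microsoft\Windows\CurrentVersion\Uninstall\WinPcapInst'
    # Second path is an assumption: where a 32-bit installer's key lands
    # on 64-bit Windows.
    $keys = "HKLM:\SOFTWARE\$sub", "HKLM:\SOFTWARE\WOW6432Node\$sub"
    $key  = $keys | Where-Object { Test-Path $_ } | Select-Object -First 1

    # DisplayVersion is the conventional Uninstall value name (assumed here).
    $display = if ($key) { (Get-ItemProperty -Path $key).DisplayVersion }

    # Driver file location is an assumption; the post only names npf.sys.
    $sys = Join-Path $env:SystemRoot 'System32\drivers\npf.sys'
    $driverFile = if (Test-Path $sys) { (Get-Item $sys).VersionInfo.FileVersion }

    # Bind to packet.dll by full path so the DLL search order cannot pick up
    # a same-named file from the current or application directory.
    $dll = Join-Path $env:SystemRoot 'System32\packet.dll'
    $lib = $null
    $drv = $null
    if (Test-Path $dll) {
        # IntPtr return type: the functions return a pointer to a static
        # string, which the marshaller must not try to free.
        $sig = @"
[DllImport(@"$dll")] public static extern IntPtr PacketGetVersion();
[DllImport(@"$dll")] public static extern IntPtr PacketGetDriverVersion();
"@
        $t = Add-Type -MemberDefinition $sig -Name PacketDll `
                      -Namespace WinPcapCheck -PassThru
        $m = [System.Runtime.InteropServices.Marshal]
        try {
            $lib = $m::PtrToStringAnsi($t::PacketGetVersion())
            $drv = $m::PtrToStringAnsi($t::PacketGetDriverVersion())
        } catch {
            Write-Warning "packet.dll present but not callable: $_"
        }
    }

    [pscustomobject]@{
        UninstallKey           = $key
        DisplayVersion         = $display
        DriverFileVersion      = $driverFile
        PacketGetVersion       = $lib
        PacketGetDriverVersion = $drv
    }
}

Get-WinPcapInfo | Format-List
```

A populated UninstallKey with an empty PacketGetVersion, or the reverse, indicates a partial or leftover install and is worth checking by hand.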


