[Winpcap-users] How to find out the current locally installed version of WinPCap?
fish at infidels.org
Wed Feb 25 23:20:40 PST 2009
-----BEGIN PGP SIGNED MESSAGE-----
Ben Stover wrote:
> I somehow guess that WinPCap is already installed on a certain
> local computer (under WinXP+SP3).
> How can I find out if WinPCap is installed and if yes which
> Is WinPCap implemented as a DLL or as a SYS driver?
While Gianluca would of course be the one to give you THE
authoritative answer, allow me to try since the question is simple
enough and I believe I know the proper answer.
If WinPCap is installed then the following registry key should exist:
WinPcap consists of both a device driver ("npf.sys") as well as
several DLLs, one of which is called "packet.dll".
To determine which version of WinPCap is installed, simply call
either of the packet.dll's "PacketGetVersion" and/or
"PacketGetDriverVersion" functions. They're both "typedef PCHAR
They're both currently coded to return the same value: the
packet.dll's "PacketLibraryVersion" string constant (which is also
exported in addition to the aforementioned "GETWINPCAPVERSIONFUNC"
"Fish" (David B. Trout) - fish at softdevlabs.com
Fight Spam! Join CAUCE! <http://www.cauce.org/>
7 reasons why HTML email is a bad thing
PGP key fingerprints:
RSA: 6B37 7110 7201 9917 9B0D 99E3 55DB 5D58 FADE 4A52
DH/DSS: 9F9B BAB0 BA7F C458 1A89 FE26 48F5 D7F4 C4EE 3E2A
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
-----END PGP SIGNATURE-----
More information about the Winpcap-users