[Winpcap-users] rpcapd & Wireshark 1.2.1 / WinPcap 4.1beta5

j.snelders at telfort.nl j.snelders at telfort.nl
Tue Aug 18 12:19:58 PDT 2009


How can I check that?
BTW
It's WinPcap 4.1beta5

Thanks
Joan

>From: "Gianluca Varenni" <gianluca.varenni at cacetech.com>
On Tue, 18 Aug 2009 11:52:56 -0700 Gianluca Varenni wrote:
>Joan,
>
>do you know if WinPcap 4.1 beta4 was already broken?
>
>Have a nice day
>GV
>
>----- Original Message ----- 
>From: <j.snelders at telfort.nl>
>To: <winpcap-users at winpcap.org>
>Sent: Monday, August 17, 2009 12:36 PM
>Subject: [Winpcap-users] rpcapd & Wireshark 1.2.1 / WinPcap 4.1beta5
>
>
>> Remote capturen fails and I can't figure out why.
>> I did start the service at the remote daemon. I've used password 
>> authentication,
>> could select the proper interface, start Wireshark, but I didn't capture
>> any traffic from the remote machine.
>>
>>
>> I launched another instance of Wireshark and captured this traffic during
>> remote capture setup:
>>  6   0.000683 192.168.100.12 -> 192.168.100.14 RPCAP 81 Authentication
>
>> request
>>  7   0.089700 192.168.100.14 -> 192.168.100.12 RPCAP 62 Authentication
>
>> reply
>>  8   0.089829 192.168.100.12 -> 192.168.100.14 RPCAP 62 Find all 
>> interfaces
>> request
>>  9   0.170706 192.168.100.14 -> 192.168.100.12 RPCAP 798 Find all 
>> interfaces
>> reply
>> 17  25.433024 192.168.100.12 -> 192.168.100.14 RPCAP 81 Authentication
>
>> request
>> 18  25.435069 192.168.100.14 -> 192.168.100.12 RPCAP 62 Authentication
>
>> reply
>> 19  25.435126 192.168.100.12 -> 192.168.100.14 RPCAP 112 Open request
>> 20  25.437210 192.168.100.14 -> 192.168.100.12 RPCAP 70 Open reply
>> 21  25.448845 192.168.100.12 -> 192.168.100.14 RPCAP 90 Start capture

>> request
>> 22  25.454141 192.168.100.14 -> 192.168.100.12 RPCAP 70 Start capture

>> reply
>> 26  25.455400 192.168.100.12 -> 192.168.100.14 RPCAP 414 Update filter
>
>> request
>> 27  25.457252 192.168.100.14 -> 192.168.100.12 RPCAP 62 Update filter

>> reply
>>
>> Note:
>> When I uninstall WinPcap 4.1beta5 on the remote daemon and the local 
>> client
>> and install WinPcap 4.0.2 everything works fine.
>>
>> Best regards
>> Joan
>>
>>
>> Wireshark:
>> Version 1.2.1 (SVN Rev 29141)
>>
>> Copyright 1998-2009 Gerald Combs <gerald at wireshark.org> and contributors.
>> This is free software; see the source for copying conditions. There is
>NO
>> warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR 
>> PURPOSE.
>>
>> Compiled with GTK+ 2.16.2, with GLib 2.20.3, with WinPcap (version 
>> unknown),
>> with libz 1.2.3, without POSIX capabilities, with libpcre 7.0, with SMI
>
>> 0.4.8,
>> with c-ares 1.6.0, with Lua 5.1, with GnuTLS 2.8.1, with Gcrypt 1.4.4,
>
>> with
>> MIT
>> Kerberos, with GeoIP, with PortAudio V19-devel (built Jul 19 2009), with
>> AirPcap.
>>
>> Running on Windows XP Service Pack 3, build 2600, with WinPcap version
>4.1
>> beta5
>> (packet.dll version 4.1.0.1452), based on libpcap version 1.0.0, GnuTLS
>
>> 2.8.1,
>> Gcrypt 1.4.4, with AirPcap 3.2.3 build 1297.
>>
>> Built using Microsoft Visual C++ 9.0 build 30729
>>
>> Wireshark is Open Source Software released under the GNU General Public
>
>> License.
>>
>> Check the man page and http://www.wireshark.org for more information.


       




More information about the Winpcap-users mailing list