What is WinPcap??

0 Members and 1 Guest are viewing this topic. Read 3836 times.

FullRangeMan

  • Volunteer
  • Posts: 21249
  • To whom more was given more will be required.
    • Never go to a psychiatrist, adopt a straycat or dog. On the street they live only two years average.
What is WinPcap??
« on: 12 Mar 2016, 03:35 pm »
What is this pgm?  Version 4.1.1753
What it do?
Who install it in a W7 PC?
It not came from Microsoft.

srb

Re: What is WinPcap??
« Reply #1 on: 12 Mar 2016, 03:42 pm »
If it's on your PC, it may have been installed as a required component during the installation of a network analysis program tool.

"WinPcap is the packet capture and filtering engine of many open source and commercial network tools, including protocol analyzers, network monitors, network intrusion detection systems, sniffers, traffic generators and network testers. Some of these networking tools, like Wireshark, Nmap, Snort, ntop are known and used throughout the networking community."

http://www.winpcap.org/

Steve

FullRangeMan

  • Volunteer
  • Posts: 21249
  • To whom more was given more will be required.
    • Never go to a psychiatrist, adopt a straycat or dog. On the street they live only two years average.
Re: What is WinPcap??
« Reply #2 on: 12 Mar 2016, 03:45 pm »
Seems a spy virus?
I will remove it, Thanks.

WGH

Re: What is WinPcap??
« Reply #3 on: 12 Mar 2016, 03:47 pm »
WinPcap "allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet capture."

Programs that use libpcap/WinPcap

    Cain and Abel, a password recovery tool for Microsoft Windows. It can recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by sing methods such as dictionary attacks, brute force and cryptanalysis attacks.
    tcpdump, a tool for capturing and dumping packets for further analysis, and WinDump, the Windows port of tcpdump.
    ngrep, aka "network grep", isolate strings in packets, show packet data in human-friendly output.
    Wireshark (formerly Ethereal), a graphical packet-capture and protocol-analysis tool.
    Snort, a network-intrusion-detection system.
    Nmap, a port-scanning and fingerprinting network utility
    the Bro IDS and network-monitoring platform.
    URL Snooper, locate the URLs of audio and video files in order to allow recording them.
    Kismet, for 802.11 wireless LANs
    L0phtCrack, a password auditing and recovery application.
    iftop, a tool for displaying bandwidth usage (like top for network traffic)
    EtherApe, a graphical tool for monitoring network traffic and bandwidth usage in real time.
    Bit-Twist, a libpcap-based Ethernet packet generator and editor for BSD, Linux, and Windows.
    Pirni, a network security tool for jailbroken iOS devices.
    McAfee ePolicy Orchestrator, Rogue System Detection feature
    NetSim a network simulation software for network R & D
    XLink Kai Software that allows various LAN console games to be played online
    Firesheep, an extension for the Firefox web browser, that intercepts unencrypted cookies from certain websites (such as Facebook and Twitter) as the cookies are transmitted over networks, exploiting session hijacking vulnerabilities.
    Suricata, a network intrusion prevention and analysis platform.
    WhatPulse, a statistical (input, network, uptime) measuring application.
    Xplico, a network forensics analysis tool (NFAT).
    Scapy, a packet manipulation tool for computer networks, written in Python by Philippe Biondi.

Do you use a McAfee product?

srb

Re: What is WinPcap??
« Reply #4 on: 12 Mar 2016, 03:49 pm »
Here's an in-depth list of WinPcap-based Tools and Programs:

http://www.winpcap.org/misc/links.htm#tools

FullRangeMan

  • Volunteer
  • Posts: 21249
  • To whom more was given more will be required.
    • Never go to a psychiatrist, adopt a straycat or dog. On the street they live only two years average.
Re: What is WinPcap??
« Reply #5 on: 12 Mar 2016, 03:56 pm »
Deleted

WGH

Re: What is WinPcap??
« Reply #6 on: 12 Mar 2016, 04:05 pm »
Then you are OK.

Files installed by McAfee Rogue System Detection Sensor
Program executable:   RSSensor.exe
Name:   McAfee Rogue System Detection
   McAfee Rogue System Sensor
Path:   C:\Program Files\McAfee\RSD Sensor\RSSensor.exe
MD5:   a2ec825987aea3d18ec5d6559df266a3
Additional files:

    AgentSDK.dll - McAfee Rogue System Detection (Agent SDK helper dll)
    RSSensor.exe - McAfee Rogue System Sensor
    SensorPlugin.dll - McAfee Rogue System Sensor Plugin
    SensorSNMP.dll - SNMP extension for the McAfee Network Access Control Sensor
    ScanDLL.dll - ScanDLL Dynamic Link Library (Discovery ScanDLL Dynamic Link Library)
    mfecryptc.dll - McAfee Agent (McAfee Agent's FIPS-140-2 compliant cryptographic boundary)
    mfecurl.dll - CMA CURLLIB
    mfezlib.dll - CMA ZLIB
    Packet.dll (by CACE Technologies) - WinPcap Professional (WPRO_41_2001) (packet.dll Wrapper Dynamic Link Library)
    wpcap.dll (by CACE Technologies) - wpcap.dll Dynamic Link Library - based on libpcap 1.0rel0b branch (20091008)

FullRangeMan

  • Volunteer
  • Posts: 21249
  • To whom more was given more will be required.
    • Never go to a psychiatrist, adopt a straycat or dog. On the street they live only two years average.
Re: What is WinPcap??
« Reply #7 on: 12 Mar 2016, 04:11 pm »
Great, thanks guys you are the best.
Anyway I minded to uninstall it,
it appear afew months ago only.

I was sabotaged today, a older 5th restore point save me.
McAfee was sleeping again.

WGH

Re: What is WinPcap??
« Reply #8 on: 12 Mar 2016, 04:49 pm »
I have never used McAfee, the program used to be bundled with other software but in the past it was not the best antivirus or firewall program and often caused more problems than it fixed.

I believe Norton is highly regarded and has fixed their system hogging software if you like to use an all-in-one protection plan.

I use the three programs below and have never had a problem while traveling the internet.

ESET antivirus ($39.99), it is one of the top rated antivirus programs and it uses practically zero system resources so computer speed is not affected.
The free COMODO firewall works perfectly.
Malwarebytes Anti-Malware Home Premium ($24.95/year) (Free version available) (Windows only) has realtime monitoring, anti-malware and anti-spyware scanner detects and removes malware like worms, Trojans, rogues, spyware, bots, and more. Anti-rootkit technology drills down and removes deeply embedded rootkits, one of the most dangerous forms of malware.
https://www.malwarebytes.org/antimalware/

All the writers for the Windows Secrets tech site use Malwarebytes, they know all about what is hiding in the internet's dark corners so if they use it that's good enough for me.

Wayne

FullRangeMan

  • Volunteer
  • Posts: 21249
  • To whom more was given more will be required.
    • Never go to a psychiatrist, adopt a straycat or dog. On the street they live only two years average.
Re: What is WinPcap??
« Reply #9 on: 12 Mar 2016, 04:59 pm »
Thanks for the heads up Wayne,
I will take note on the Mc renew. :thumb: