Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Sniffers, scanners and XP raw packet drivers

From: Ken.Williams () ey com
Date: Mon, 17 Dec 2001 08:55:52 -0600
What Dave is referring to is "Windows Program Compatibility Mode", and it
is very cool.  For more information on what it is and how to use it, see:
"HOW TO: Use Windows Program Compatibility Mode (Q292533)".  I have used
this quite a bit, and also use vmware with nt4 and win2k (and obsd and
linux) of course.

Regards,
ken





Ken Williams ; Technical Lead ; ken.williams () ey com
eSecurityOnline - an eSecurity Venture of Ernst & Young
ken.williams () ey com ; www.esecurityonline.com ; 1-877-eSecurity






                    "Shackleford,
                    Dave"                To:     "'simon () derision net'"
<simon () derision net>
                    <znz1 () cdc gov        cc:
"'pen-test () securityfocus com'" <pen-test () securityfocus com>, (bcc: Ken
                    >                    Williams/AABS/EYLLP/US)
                                         Subject:     RE: Sniffers,
scanners and XP raw packet drivers
                    12/13/2001
                    12:03 PM






If I'm not mistaken, XP Pro has a "pool" of DLLs and drivers available to
it
that may allow you to run apps in a "Pre-XP OS" mode; for example, I know
you can run apps in a simulated Win98 or simulated Win 2K environment. I
can't remember exactly how, though - try the always-helpful right-click on
the app executable and see what happens....

Dave Shackleford
Web Content Management Team (TRW)
CDC - NCCDPHP
--------------------------
770-488-5816
znz1 () cdc gov


-----Original Message-----
From: Simon [mailto:simon () derision net]
Sent: Thursday, December 13, 2001 7:51 AM
To: PenTest
Subject: Sniffers, scanners and XP raw packet drivers


Folks,

Anyone had any success getting Ethereal and other tools to work under
Windows XP Pro?
even if Winpcap installed:

  Ethereal won't find an interface,
  ISS can't find raw packet drivers for some of its scans are disabled
  Nmapnt can't find any suitable interfaces
  Foundstone fport won't resolve ports to process owners (although fscan
and superscan run fine)
  .... (the list goes on)

All these worked on my laptop nicely under Windows 2000? Does anyone
have a solution to this? I guess what I need is a raw packet capture
driver that works under winXP... Any ideas?

Aaarrrgggh,

Simon, CISSP









______________________________________________________________________
The information contained in this message may be privileged and
confidential and protected from disclosure.  If the reader of this message
is not the intended recipient, or an employee or agent responsible for
delivering this message to the intended recipient, you are hereby notified
that any dissemination, distribution or copying of this communication is
strictly prohibited. If you have received this communication in error,
please notify us immediately by replying to the message and deleting it
from your computer.  Thank you.  Ernst & Young LLP


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: