WinPcap
| WinPcap | |
|---|---|
| Basic data
|
|
| developer | The WinPcap Team |
| Current version | 4.1.3 (March 8, 2013) |
| operating system | Windows |
| programming language | C. |
| category | Network - driver |
| License | Freeware |
| German speaking | No |
| www.winpcap.org | |
WinPcap is a program library distributed as freeware , consisting of a driver that enables hardware-related access to the network card, and a collection of programs that offer convenient access to the individual layers of the OSI model relevant for networks . It runs under Windows from version 2000. Windows 9x is only supported up to version 4.0 beta2 (unstable) and version 3.1 (stable). From version 4.1.3 Windows 8 is also supported.
The program library is based on the library known from Unix, libpcap , which implements the pcap interface.
The packets transported over the network are received and forwarded by the WinPcap modules bypassing the protocol stack. In this way, statistics about the network load, the various types of packets and their content can be logged and analyzed. Since the packets are available before they are processed by the operating system, the interface can also be used to simulate network cards in an existing network.
WinPcap is actually used in network monitoring software such as Wireshark (formerly Ethereal), Nmap , AutoScan-Network , Snort , Cain & Abel , WinDump and ntop . Emulation software such as QEMU or coLinux can be integrated directly into a network with WinPCap without installing a virtual network card ( TUN / TAP ) in the system.
Web links
- Official project website (English)