WinPcap: The Windows Packet Capture Library

Home    
News            
Get WinPcap  
Get WinDump 
Development  
Support         
Products         
Links             
FAQ              
The Team      
License          

Why WinPcap?

WinPcap is:

  • Free. WinPcap is released under the BSD open source licence.  This means that you have total freedom to modify and use it with your application, even if it's commercial. The binary and source code are available here.
  • High performance. WinPcap implements all of the classic optimizations described in the packet capture literature (e.g., kernel-level filtering and buffering, context switch mitigation, partial packet copy), plus some original ones, like JIT filter compilation and kernel-level statistic processing. For these reasons, WinPcap outperforms other comparable approaches.
  • Popular. WinPcap is used as the network interface by many tools -- both free and commercial including protocol analyzers, network monitors, network intrusion detection systems, sniffers, traffic generators, network testers, etc. Some of these tools, like Wireshark, Nmap, Snort, WinDump, ntop are very well known in the networking community. WinPcap is downloaded thousands of times every day.
  • Tested and Reliable. Many users have contributed over the years in testing WinPcap on a wide range of platforms, and in finding the most subtle bugs. WinPcap developers are experienced Windows driver writers, and their approach to software development emphasizes rock-solid stability. Remember: a buggy driver means blue screens.
  • Easy to use for the final user. WinPcap is distributed as a single small executable that runs on every supported operating system. You launch the executable, and from that moment Windows is able to capture and send raw network traffic. It couldn't be easier.
  • Easy to use for the programmer. Every version of WinPcap comes with a developer's pack that includes documentation, libraries and include files needed to immediately start with your own new application. The developer's pack contains a set of sample programs ready to be compiled both with Visual Studio and Cygnus, and are available as excellent starting points.
  • Multi-platform. WinPcap is actively maintained on Windows NT, Windows 2000, Windows XP and Windows Server 2003. WinPcap can also work on Windows 95, Windows 98 and Windows ME, but these OSes are not maintained any longer. Windows Vista has a preliminary support, with some features disabled.
  • Portable. WinPcap is completely compatible with libpcap. This means that you can use it to port your existing Unix or Linux tools to Windows. This also means that your Windows applications will be easily portable to Unix.
  • Well documented. The WinPcap manual documents the API and the internals in an easy-to-follow hyperlinked manner. The documentation includes a tutorial that takes you step-by-step through all of the features of WinPcap.
  • Commercially Supported: Are you interested in professional WinPcap support? Do you want a phone number to call when something goes wrong? Do you need help in developing your low-level network code? CACE Technologies can help you!
  
 
 


Last modified: Tuesday, July 01, 2008 17.41