WinPcap: The Windows Packet Capture Library

News

5 August, 2008
The Electronic Frontier Foundation (EFF) has just released a new tool based on WinPcap named 'Switzerland'.
 
According to its creators, "Switzerland is designed to detect the modification or injection of packets of data traveling over IP networks, including those introduced by anti-P2P tools from Sandvine (widely believed to be used by Comcast to interfere with BitTorrent uploads) and AudibleMagic, advertising injection systems like FairEagle, censorship systems like the Great Firewall of China."
 
The full press release can be found here.
 
27 May, 2008
As of today, WinPcap 4.1 beta4 is available in the download section of the WinPcap website.

This new release includes some fixes to the kernel driver, as well as some new pcap APIs exported by wpcap.dll.
 
Full details can be found in the change log.
 
Being a beta release, as usual, we encourage people to test it and report any anomaly or strange behavior to the WinPcap mailing lists.
 
31 January, 2008
As of today, WinPcap 4.1 beta3 is available in the download section of the WinPcap website.
 
This new software release includes a couple of fixes to the BPF filter engine in the kernel, as well as several fixes and additions to the BPF compiler for filters on wireless traffic (802.11).
 
Full details can be found in the change log.
 
Being a beta release, as usual, we encourage people to test it and report any anomaly or strange behavior to the WinPcap mailing lists.
 
15 November, 2007
As of today, WinPcap 4.1 beta2 is available in the download section of the WinPcap website.
 
This new software release includes several improvements and changes to both the library itself and its developer's pack. First of all, it fixes a security vulnerability in the kernel driver reported by the iDefense Labs in this security advisory.
It also includes the latest available snapshot of libpcap (1.0 branch).
From the developer's point of view, this version ships with a cleaned-up version of the developer's pack. Some header files that were wrongly included in the old developer's pack (including some coming from the Microsoft Platform SDK) have been removed. Other files have been consolidated or split into internal header files (used for the build of the binaries) and public header files.
Full details can be found in the change log.
 
Being a beta release, as usual, we encourage people to test it and report any anomaly or strange behavior to the WinPcap mailing lists.
In particular, we strongly encourage all the developers to try compiling all their WinPcap-based applications against the new WinPcap developer's pack and report any compilation issue to the winpcap-bugs mailing list (winpcap-bugs<AT>winpcap.org).
 
9 November, 2007
As of today, WinPcap 4.0.2 is available in the download section of the WinPcap website.
 
This maintenance release addresses a security vulnerability reported by the iDefense Labs in this security advisory.
Full details can be found in the change log.
 
17 July, 2007
WinPcap developers from China will be glad to know that Xu Feng just released a Chinese translation of the WinPcap 4.0.1 manual. It can be found at http://WinPcap.CoffeeCat.net.cn.
 
3 July, 2007
As of today, WinPcap 4.1 beta is available in the download section of the WinPcap website.
 
This software release contains some important security bug fixes to the kernel driver, as well as the update of libpcap to the 0.9.6 branch.
Also, it includes some major experimental fixes to the filter compiler to improve filtering over 802.11 networks.
Finally this new version includes support for the Per Packet Info (PPI) encapsulation that will be available in the upcoming version of AirPcap.
Full details can be found in the change log.

Being a beta release, as usual we encourage people to test it and report any anomaly or strange behavior to the WinPcap mailing lists.

 
3 July, 2007
As of today, WinPcap 4.0.1 is available in the download section of the WinPcap website.
 
This maintenance release addresses a security vulnerability reported by the iDefense Labs in this advisory.
Full details can be found in the change log.
 
29 January, 2007
As of today, WinPcap 4.0 is available in the download section of the WinPcap website. This software release contains major improvements to the kernel driver, which has been thoroughly reviewed (and partially rewritten). As a result, WinPcap 4.0 is far more reliable and stable than previous versions!
The 4.0 version also adds the long awaited stable support for x64 platforms, including Windows XP and the upcoming Vista.
Finally, this release includes support for the CACE Technologies Wireless AirPcap Adapters, the first open and affordable solution for Wi-Fi capture on the Windows platform.
Full details of the changes can be found in the change log.

As always, we profoundly thank all the users who tested the development versions of WinPcap 4.0. It would not have been possible without your help and precious suggestions. Thanks!
 
6 December, 2006
WinPcap 4.0 beta3 is available as of today in the download section of the WinPcap website.
This new release includes some major cleanup to the code base of packet.dll aimed at having more stable and easily maintainable code. It also includes a more coherent use of the tracing macros, as well as some bug fixes related to AirPcap support and the use of WinPcap in conjunction with some VPN clients.
Moreover, starting from this release, the support for Windows 95/98/ME has been dropped.
Full details can be found in the changelog.

Being a beta release, as usual we encourage people to test it and report any anomaly or strange behavior to the WinPcap mailing lists.

The final release of WinPcap 4.0 is expected to be available by the end of January 2007.

 
20 October, 2006
WinPcap 4.0 beta2 is available as of today in the download section of the WinPcap website.
 
This release fixes a bug in the capture driver that could cause a system crash when setting a new filter or changing the kernel buffer size.
This build also includes the official version of libpcap v0.9.5 available on the tcpdump website.
Full details can be found in the changelog.
Being a beta release, as usual we encourage people to test it and report any anomaly or strange behavior to the WinPcap mailing lists.
 
29 August, 2006
"8 Absolutely Cool, Totally Free Utilities". This is the title of one of the articles in the last issue of WindowsITPro magazine, which reviews some of the best tools for IT professionals. What's pretty interesting is that all the tools our team develops (WinDump, Wireshark/Ethereal and WinPcap) are part of the list.
 
You can read the online version of the article here.
 
23 August, 2006
CACE Technologies is happy to announce the release of the AirPcap Wireless Capture Adapter for Windows.
 
AirPcap is the first open, affordable and easy to deploy WLAN (802.11b/g) packet capture solution for the Windows platform. AirPcap comes as a USB 2.0 adapter, and it's been fully integrated with WinPcap and Wireshark: it enables you to capture and analyze low-level 802.11b/g wireless traffic, including control frames, management frames and power information.

AirPcap supports the following operating systems: Windows 2000, Windows XP 32 and 64 bit, Windows Server 2003 32 and 64 bit.
 
More details can be found at: http://www.cacetech.com/products/airpcap.htm.
Press Release: http://www.prweb.com/releases/2006/8/prweb428512.htm.
 
23 August, 2006
WinPcap 4.0 beta1 is available as of today in the download section of the WinPcap website.

This release addresses some bugs in WinPcap 4.0 alpha1 reported by our users (problems sending OID requests to the WinPcap driver, and empty packets while capturing from dialup/VPN adapters).
 
This build also includes support for wireless capture through the CACE Technologies AirPcap adapter, and a major rewrite of the transmit capabilities exposed by pcap_send() and pcap_inject(). Moreover, the library has been tested more thoroughly on Vista Beta2.
 
Being a beta release, as usual we encourage people to test it and report any anomaly or strange behavior to the WinPcap mailing lists. Full details can be found in the changelog.
 
7 June, 2006
Creator of Ethereal® joins the WinPcap team; Wireshark is born.

We are proud to announce that Gerald Combs, creator of Ethereal®, has joined CACE Technologies (www.cacetech.com). He will be working with Loris Degioanni and Gianluca Varenni, the creators of the WinPcap packet capture library (www.winpcap.org), forming a world-class team of network analysis experts. As his first venture in this new alliance, Gerald has created the Wireshark network protocol analyzer, a successor to Ethereal®.

Wireshark's home is www.wireshark.org. Enhanced and improved, Wireshark is the ultimate tool of choice for network troubleshooting, protocol development, and education worldwide. The unique partnership of Wireshark and WinPcap brings a new synergy, power, and benefits to the open-source community and industry. The upcoming version of Wireshark will be 0.99.1. A pre-release version is available right now at www.wireshark.org.

"I am indebted to core development team of Ethereal® for joining me to work on Wireshark. With their help and contributions from the user community, we're set to continue our success in building the world's leading open-source network protocol analyzer. We have lots of new and exciting things planned for Wireshark! I'm also really excited about joining CACE. Loris and Gianluca are well respected in the community, and it will be great to work with them. As an added bonus, Davis is a great place for my wife and me to raise our daughter," said Gerald.

"We’re thrilled to welcome Gerald to CACE Technologies and expect to do great things together. The sky’s the limit," said Loris.
 
10 May, 2006
WinPcap 4.0 alpha1 is available from today in the download section of the WinPcap website.
This release includes major changes to several modules in the Windows NTx driver. This effort is aimed at improving the reliability of WinPcap when an adapter is disabled or "repaired" while a WinPcap-based application is running, and was prompted by a number of system crash reports from our users. This extensive rewriting is the main reason why we decided to move to version 4.0.
 
This new release of WinPcap has been thoroughly tested internally. However, due to the extensive modifications to the kernel driver code, we feel that a testing period from the WinPcap community is necessary to guarantee a level of stability comparable with WinPcap 3.1. We encourage everyone to play with this new version and report any problems on the various WinPcap mailing lists.
 
More details can be found in the changelog.
 
7 February, 2006
CACE Technologies releases The Network Toolkit!
The Network Toolkit is a collection of WinPcap and non-WinPcap based system security and network tools that can run from a CD or USB pen drive without any installation. You can learn more about it from the CACE Technologies website.
 
6 February, 2006
The website has been partially reorganized and improved. Now we have a "developers" section where programmers can download the developer's pack and the sources, and access the documentation.
 
18 December, 2005
WinPcap 3.2 alpha1 is available from today in the download section of the website. This is the first version of WinPcap that includes the long-awaited support for the x86-64 platforms, for the moment as an experimental version. More details can be found in the changelog.
 
23 August, 2005
We added to the website a page with some simple JavaScript applets that automate recurrent bandwidth and frame rate conversions for Ethernet networks. Developers of network tools may find them useful. The address is http://www.winpcap.org/misc/calculators.htm.
 
11 August, 2005
Your wireless card doesn't work properly with WinPcap? The AirSnare website contains a video that shows how to get the packets from it by using the bridging feature of Windows.
 
5 August, 2005
After more than two years of hard work, the final version of WinPcap 3.1 is available from today in the download section of the WinPcap website. This new release represents an important milestone for the project: major improvements and bug fixes have been carried out during this long period of time, and the result is the most stable and reliable version of WinPcap in its history. Thanks to all the users that contributed to this result by submitting bug reports and thoroughly testing the several betas that were made available.
 
13 July, 2005
The WinPcap website has been enriched with a new project: NTAR, the Network Trace Archival and Retrieval library. NTAR is planned to become the new standard for network trace files, and has a lot of cool improvements compared to the existing libpcap format. More information can be found at http://www.winpcap.org/ntar/.
 
12 July, 2005
A new mailing list, winpcap-announce@winpcap.org, has been created. winpcap-announce is a low volume, moderated list for announcements about WinPcap. Users can subscribe through the mailman interface.
 
12 July, 2005
A couple of search boxes have been added to the mailing lists page. They can be used to look for information in the mailing list archives.
 
2 June, 2005
Japanese programmers will be happy to know that TeleBusiness, Inc has just released a Japanese translation of the WinPcap 3.0 manual.
 
5 May, 2005
The WinPcap project has been given a new life. The Netgroup at the Politecnico di Torino has retired from this project, but a new WinPcap team has been formed in order to continue the development and support of WinPcap. This is the complete announcement.
 
4 November, 2004
The beta4 of WinPcap 3.1 is available from today in the download section.
WinPcap 3.1 beta4 is a minor update that fixes several bugs and leaks reported by our users after the release of beta2 and beta3.
 
15 May, 2004
The beta3 of WinPcap 3.1 is available from today in the download section.
WinPcap 3.1 beta3 is a minor update that fixes a couple of bugs present in beta2 that prevented it from working on Windows 9x.
 
3 May, 2004
The beta2 of WinPcap 3.1 is available from today in the download section.
WinPcap 3.1 beta2 is a minor update that fixes a number of bugs that were present in the first beta.
There's a new feature, too: under 2000/XP/2003 we have added a new fake NdisWan adapter, useful to capture LCP/NCP PPP packets, for example. This adapter is always listed (if you have enough privileges), even if you don't have any PPP/VPN/... connection established. Please note that this feature is experimental, and that we will be glad to hear comments from people that use it.
 
3 February, 2004
The beta of WinPcap 3.1 is available from today in the download section.
WinPcap 3.1 beta is a major update, with a good number of bug fixes and new features. The most important is the support for NdisWan connections (dial-up and VPN) by means of the NetMon API. Please note that this feature is experimental, and that we will be glad to hear comments from people that use it. Another new functionality is the support for Dag cards (http://www.endace.com), based on the Windows Driver that Endace developed in conjunction with the WinPcap team during 2003.
pcap_findalldevs() and pcap_findalldevs_ex() are now able, under Windows XP and Windows Server 2003, to return IPv6 addresses in addition to IPv4 ones.
Finally, several bugs have been fixed.
 
16 September, 2003
Two new papers are available in the documentation section. The first one, Profiling and Optimization of Software-Based Network-Analysis Applications, contains a performance analysis of WinPcap and the description of some solutions adopted to improve its efficiency. The second one, WinPcap: una libreria open source per l'analisi di rete, is a description of the architecture of WinPcap with some performance evaluation, written in Italian.
 
13 June, 2003
WinPcap 3.01 alpha is available from today here. It also contains updated documentation.
 
10 April, 2003
WinPcap 3.0 final is available from today in the download section.
It includes new documentation, which is available online here. It contains a complete user's manual, several samples, a tutorial and complete documentation of WinPcap internals and remote capture.
 
10 February, 2003
The beta of WinPcap 3.0 is available from today in the download section. The main improvements of this release are:
- experimental support for SMP machines
- kernel buffering rewritten from scratch
- experimental support for remote capture.
 
22 October, 2002
WinPcap 3.0 alpha 4 is available in the download section. It fixes a bug in the driver that caused a blue screen when stopping or uninstalling WinPcap.
 
7 October, 2002
A third alpha of WinPcap 3.0 is available from today under the download section. Its main purpose is to fix a bug that caused an unhandled exception error with all winpcap-based applications under NT4/2K/XP.
 
20 September, 2002
A second alpha of WinPcap 3.0 is available from today under the download section. Its main purpose is to fix some bugs that were found by the users.
 
9 August, 2002
The alpha of WinPcap 3.0 is available from today in the download section of the site. Version 3.0, whose goal is to be the most efficient and complete among public packet capture systems, is one of the most remarkable improvements in the history of WinPcap. See the change log for a list of the new features, and give us feedback on the winpcap-users mailing list.
 
9 August, 2002
The new WinPcap documentation is available in the developer's pack. It is the most comprehensive reference for WinPcap programmers. It covers the whole API and the internals of WinPcap and it is updated to version 3.0, including the new functions introduced in this version. A tutorial with a lot of samples is included as well. The documentation was created using the doxygen tool, so it is completely browsable, from the high level functions to the source code.
 
13 May, 2002
Updated the Windows CE version with the patches sent by Joe Meilak. As usual, you can find it in the download section.
 
17 April, 2002
An alpha version of WinPcap for Windows CE (with the driver and packet.dll) has been added. It was kindly provided by Navin Pai. You can download it here.
 
28 March, 2002
WinPcap 2.3 was released today. An updated developer's pack is available too.
 
28 March, 2002
The WinPcap web site has moved from http://netgroup-serv.polito.it/winpcap to http://winpcap.polito.it. Please update your bookmarks.
 
28 March, 2002
WinPcap now has a public mailing list. Go to http://winpcap.polito.it/contact.htm if you want to subscribe.
 
20 September, 2001
WinPcap 2.3 beta is available. As usual, the changes can be found in the change log.
 
30 July, 2001
WinPcap 2.2 is available. The changes can be found in the change log.
 
6 June, 2001
The beta of WinPcap 2.2 has been released. WinPcap now supports cygwin! Look here at the new features. The binary, the source code and the developer's pack are available from the download page.
 
26 March, 2001
We created a wish list on Amazon: now people who like our work can send us a gift.
 
20 March, 2001
After a quite long beta period, WinPcap 2.1 is now available. See the change log for the list of additions. The source code and the developer's pack are also available.
 
20 March, 2001
The new Website is up. It contains the new binaries and the updated documentation of WinPcap.
 
 
 


Last modified: Tuesday, August 05, 2008 18.09