Wireshark

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. ISC has a nifty services file that also includes a bunch of ports on which different trojans and malware listen.
    http://isc.sans.org/services.html
    Tags: ( ports malware )
  2. Here's a little something to play with in your reversing lab, the Kindle machine readable source code.
    Amazon.com: Help > Digital Products Help > Amazon Kindle Wireless Reading Device > Amazon Kindle Terms, Warranties, & Notices > Source Code Notice
    Tags: ( kindle )
  3. Amusing.
    YouTube - 50 Ways to Inject Your SQL
    Tags: ( humor sql )
  4. The entire Penetration Testing and Vulnerability Analysis course at Polytechnic Institute of New York University is now available on the web for free. Very cool.
    Penetration Testing and Vulnerability Analysis - Home
    Tags: ( education )
  5. The start of what looks to be an interesting series on session attacks against ASP.NET.
    AppSec Street Fighter - SANS Institute >> Session Attacks and ASP.NET - Part 1
    Tags: ( asp.net session )
  6. Opera release version 10 of its browser yesterday and it contains something new called Unite. It should scare you if you are responsible for protecting your enterprises data assets. Any user can now quickly and, supposedly, easily setup a web server/service.
    Boaz Gelbord: Opera Invites You to Join the Cloud
    Tags: ( opera browser )
  7. A new version of Wireshark has been released. Wireshark is an awesome open source network sniffer that is very robust and full of functionality.
    Wireshark 1.2.0 released
    Tags: ( wireshark packet-capture sniffer tools )
  8. Interesting. Low bandwidth denial of service on a web server without affecting other services and easily started and stopped.
    Slowloris HTTP DoS ha.ckers.org web application security lab
    Tags: ( dos http apache )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Wireshark and Windows 7

by kriggins on January 12, 2009

in Uncategorized

UPDATE - November 13th, 2009: I have just successfully installed Wireshark 1.2.3 on 64-bit Windows 7 Ultimate. Version 1.2.3 includes WinPCAP 4.1.1 which supports Windows 7. I did not have to do anything special. I simply installed the Wireshark package.

UPDATE October 22nd, 2009: Johan indicates in the comments that version 4.1.1 of WinPcap has been released. He says that it works fine with Windows 7. I would install version 4.1.1 of WinPcap first and then install Wireshark and say no when it asks if you want to install WinPcap. I need to confirm, but the rest of this post should still hold true.

-------

I needed to do a packet capture on my Windows 7 box. With a certain amount of trepidation, I downloaded Wireshark (1.0.5) and ran the install.

Unfortunately, it did not work. However, I did not install the NPF driver as a service. I uninstalled and reinstalled, setting the NPF driver to start as a service.

Success. So, if you are installing Wireshark on Windows 7, make sure to check the option to start as a service. This allows non-administrative users to use Wireshark. I suspect UAC is getting in the way, but have not dug into it yet.

-Kevin

Reblog this post [with Zemanta]

{ 33 comments }