[WinPcap-users] How to distinguish the IPSEC interface?
Hello, After I defined the list of interfaces I need to exclude the IPSEC interface from the list. How can I find out whether this interface is IPSEC or not? Thanks Alex == This is the WinPcap users list. It is archived at http://www.mail-archive.com/winpcap-users@winpcap.polito.it/ To unsubscribe use mailto: [EMAIL PROTECTED] ==
[WinPcap-users] WinPcap identified as spyware by Microsoft AntiSpyware Beta 1
Hello, WinPcap is identified as follows: WinPCap Type: Enabler Threat Level: Low Author: WinPCap Team including = Loris Degioanni Description: WinPCap is an Open Source Windows Packet Filtering Library. It provides low level internet system traffic data to other applications that leverage its utilities. Advice: This software is not necessarily hazardous unless it is used by a particular spyware threat. If you quarantine or remove all of the spyware threats from your computer you do not necessarily need to remove this program. Please note: if a legitimate application is using functionality contained in an enabler application, removing the enabler may cause that application to cease functioning properly. This application is okay to have running on your computer, as they are only dangerous if a Spyware application is also installed on your machine and exploiting it. However if you did not install this, or know of a legitimate application that did, you may consider quarantining or removing it. Please note: if a legitimate application is using functionality contained in an enabler application, it may cause that application to cease functioning properly. About Enabler: While not spyware, it provides functionality that spyware products have been known to exploit. Normally, these applications are okay to have running on your machine, as they are only dangerous if a Spyware application is also installed on your machine and exploiting it. However if you did not install this, or know of a legitimate application that did, you may consider quarantining or removing it. Please note: if a legitimate application is using functionality contained in an enabler application, removing the enabler may cause that application to cease functioning properly. = Is it true that WinPcap is being exploted by spyware? If so, can that be prevented? Philip == This is the WinPcap users list. It is archived at http://www.mail-archive.com/winpcap-users@winpcap.polito.it/ To unsubscribe use mailto: [EMAIL PROTECTED] ==
Re: [WinPcap-users] WinPcap identified as spyware by Microsoft AntiSpyware Beta 1
Read again the part of your email, below: could the evil open source term have anything to do with it ?!? I have a couple of other things running on a W2K box, and all happened to be open source or freeware, coincidentally, and some were immediately identifed as potentially malicious by the M$ stuff ... ;) Now - if Microsoft was to develop winpcap, and sell it ... hmm ... that would probably make it safer, by definition (Microsoft = security, as we all know). ; On Thu, 6 Jan 2005 19:29:41 +0100, Philip Stoev [EMAIL PROTECTED] wrote: Hello, WinPcap is identified as follows: WinPCap Type: Enabler Threat Level: Low Author: WinPCap Team including = Loris Degioanni Description: WinPCap is an Open Source Windows Packet Filtering Library. snip == This is the WinPcap users list. It is archived at http://www.mail-archive.com/winpcap-users@winpcap.polito.it/ To unsubscribe use mailto: [EMAIL PROTECTED] ==
Re: [WinPcap-users] WinPcap identified as spyware by Microsoft AntiSpyware Beta 1
Now - if Microsoft was to develop winpcap, and sell it ... hmm ... that would probably make it safer, by definition (Microsoft = security, as we all know). ; That said, the security warning is not 100% fake ; if a malicious program gets running on your machine, the fact that it can snoop each and every traffic packet that is sent or received using Winpcap (and can send packets also w/ PktSendPkt) makes such a malware to be a nasty one. so, if I never installed winpcap and it somehow gets installed, I'd get slightly worried that some shitware is snooping my passwords... == This is the WinPcap users list. It is archived at http://www.mail-archive.com/winpcap-users@winpcap.polito.it/ To unsubscribe use mailto: [EMAIL PROTECTED] ==
RE: [WinPcap-users] WinPcap identified as spyware by Microsoft AntiSpyware Beta 1
I am pretty sure that Microsoft's app specifically looks for WinPCap (along with lots of other things) as part of its scan. It doesn't say it is dangerous. It says that it is a DLL that could allow another malicious program to do bad things to your box. I have other packet sniffers installed on my box and it didn't complain about those. Probably because WinPCap is well known and used a lot. Thank you, -Original Message- From: {Pedro Lucas-Suporte Netcount} [mailto:[EMAIL PROTECTED] Sent: Thursday, January 06, 2005 4:03 PM To: winpcap-users@winpcap.polito.it Subject: Re: [WinPcap-users] WinPcap identified as spyware by Microsoft AntiSpyware Beta 1 Now - if Microsoft was to develop winpcap, and sell it ... hmm ... that would probably make it safer, by definition (Microsoft = security, as we all know). ; That said, the security warning is not 100% fake ; if a malicious program gets running on your machine, the fact that it can snoop each and every traffic packet that is sent or received using Winpcap (and can send packets also w/ PktSendPkt) makes such a malware to be a nasty one. so, if I never installed winpcap and it somehow gets installed, I'd get slightly worried that some shitware is snooping my passwords... == This is the WinPcap users list. It is archived at http://www.mail-archive.com/winpcap-users@winpcap.polito.it/ To unsubscribe use mailto: [EMAIL PROTECTED] == = This is the WinPcap users list. It is archived at http://www.mail-archive.com/winpcap-users@winpcap.polito.it/ To unsubscribe use mailto: [EMAIL PROTECTED] =
RE: [WinPcap-users] WinPcap identified as spyware by Microsoft AntiSpyware Beta 1
Hi. Unfortunately, there are some spyware (cain, if I remember well) which are using WinPcap for performing their job. Hence, the alarm that comes from Microsoft is not so wrong. However, I feel there's nothing to do against this problem. Unless convincing who is developing spyware not to use WinPcap, but I fee this a bit tricky... fulvio -Original Message- From: Philip Stoev [mailto:[EMAIL PROTECTED] Sent: gioved 6 gennaio 2005 19.30 To: winpcap-users@winpcap.polito.it Subject: [WinPcap-users] WinPcap identified as spyware by Microsoft AntiSpyware Beta 1 Hello, WinPcap is identified as follows: WinPCap Type: Enabler Threat Level: Low Author: WinPCap Team including = Loris Degioanni Description: WinPCap is an Open Source Windows Packet Filtering Library. It provides low level internet system traffic data to other applications that leverage its utilities. Advice: This software is not necessarily hazardous unless it is used by a particular spyware threat. If you quarantine or remove all of the spyware threats from your computer you do not necessarily need to remove this program. Please note: if a legitimate application is using functionality contained in an enabler application, removing the enabler may cause that application to cease functioning properly. This application is okay to have running on your computer, as they are only dangerous if a Spyware application is also installed on your machine and exploiting it. However if you did not install this, or know of a legitimate application that did, you may consider quarantining or removing it. Please note: if a legitimate application is using functionality contained in an enabler application, it may cause that application to cease functioning properly. About Enabler: While not spyware, it provides functionality that spyware products have been known to exploit. Normally, these applications are okay to have running on your machine, as they are only dangerous if a Spyware application is also installed on your machine and exploiting it. However if you did not install this, or know of a legitimate application that did, you may consider quarantining or removing it. Please note: if a legitimate application is using functionality contained in an enabler application, removing the enabler may cause that application to cease functioning properly. = Is it true that WinPcap is being exploted by spyware? If so, can that be prevented? Philip == This is the WinPcap users list. It is archived at http://www.mail-archive.com/winpcap-users@winpcap.polito.it/ To unsubscribe use mailto: [EMAIL PROTECTED] == = This is the WinPcap users list. It is archived at http://www.mail-archive.com/winpcap-users@winpcap.polito.it/ To unsubscribe use mailto: [EMAIL PROTECTED] =