Ethereal-dev: Re: [Ethereal-dev] Priv sep in ethereal

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Lars Roland <lars.roland@xxxxxxx>
Date: Tue, 08 Feb 2005 23:04:51 +0100
Ulf Lamping schrieb:
Lars Roland wrote:

I found an interesting tool that comes with WinPcap.
For administrators wanting to achieve privilege separation for ethereal and to have NPF driver loaded only when necessary, look at this:

C:\Programme\WinPcap>npf_mgm.exe /?
NPF Management - Written by Gianluca Varenni (varenni@xxxxxxxxx)

syntax: npf_mgm -s -x -u -i -r -a -d

        -s starts NPF driver
        -x stops NPF driver
        -u uninstalls NPF driver
        -i installs NPF driver
        -r uninstalls and reinstalls NPF driver
        -a changes the NPF driver start-type to auto-start
        -d changes the NPF driver start-type to demand-start

Using "runas" with this tool, you can load the NPF driver just before starting ethereal, and unload it when you don't need it anymore.

But what's the benefit compared against "net start npf" / "net stop npf"? I don't see any real difference.

Ok, there is probably no difference to "npf_mgm -s" / "npf_mgm -x"