# What is Winpcap please?



## Inquitus (Aug 4, 2005)

Anyone tell me what Winpcap is, what it is used for and why it should be on my PC.

Tnx,

Inqui


----------



## MFDnNC (Sep 7, 2004)

http://www.google.com/search?q=Winpcap+&sourceid=mozilla&start=0&start=0&ie=utf-8&oe=utf-8


----------



## Elvandil (Aug 1, 2003)

It's a packet capture driver. You'll need it for quite a few different network monitoring and analysis apps.


----------



## Inquitus (Aug 4, 2005)

can it be used by my employer to monitor my internet usage levels?


----------



## Elvandil (Aug 1, 2003)

It can be used to "capture" packets on the network and analyze their contents and volume, yes.


----------



## Inquitus (Aug 4, 2005)

When I go into services.msc it is set to manual and not running. Does that mean it inactive?


----------



## Elvandil (Aug 1, 2003)

I have it installed and don't have it in Services. What service are you referring to?

In any case, it doesn't need to be running on your machine. Depending on what software is using it, packets from your machine can be monitored from another machine on the network.


----------



## Inquitus (Aug 4, 2005)

Can I just kill it with Hijack this?

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)


----------



## MFDnNC (Sep 7, 2004)

Yes and

in msc

Rightclick and choose "Properties". On the "General" tab under "Service Status" click the "Stop" button to stop the service. Beside "Startup Type" in the dropdown menu select "Disabled". Click Apply then OK. File-Exit the Services utility.


----------



## Elvandil (Aug 1, 2003)

In fact, I do have it in services under the same name that you do (not running), but as I mentioned, it need not be running on your machine---packets can be captured by others on the network that you are connected to. All packets going to and from your machine can be monitored by someone with the right software.

But if you are attempting to circumvent some sort of surveillance system used by your employer, especially if this is on a machine belonging to your employer, we are not able to help you any further. Suffice it to say that if an employer has implemented a monitoring system, there is no doubt a method of checking that it is working or has not been circumvented. Be careful that you don't get yourself in even more trouble by disabling company property.


----------



## Inquitus (Aug 4, 2005)

It's ok, I am more wondering what that service was than trying to circumvent it. Anyway I don't live in the US and therefore the information contained on my computer and electronic records pertaining to that are NOT company property. The privacy laws in this country are reasonably strong.

Thanks for all those who provided an explanation,

Inqui


----------



## Elvandil (Aug 1, 2003)

Inquitus said:


> It's ok, I am more wondering what that service was than trying to circumvent it. Anyway I don't live in the US and therefore the information contained on my computer and electronic records pertaining to that are NOT company property. The privacy laws in this country are reasonably strong.
> 
> Thanks for all those who provided an explanation,
> 
> Inqui


If you are connected to a network and traffic flows from your machine, someone is able to monitor that traffic. There isn't a whole lot you can do about that short of encryption or disconnection.


----------

