Nmap Announce mailing list archives
Npcap 1.50 Release Brings Nmap & Wireshark to Windows ARM devices
From: Gordon Fyodor Lyon <fyodor () nmap org>
Date: Mon, 28 Jun 2021 13:44:57 -0700
Hi folks. The Nmap Project is pleased to release Npcap version 1.50 at https://npcap.org. There are many improvements in this release, but the one we're most excited about is support for the ARM architecture! This allows apps like Nmap and Wireshark to run for the first time on a newer generation of hardware which often includes all-day battery life and always-on LTE/5G capabilities. Devices vary from the $349 Samsung Galaxy Book Go laptop to the higher end Microsoft Surface Pro X and HP Elite Folio. We've tested the first two of those in our lab already. I'm not saying Windows on ARM is completely ready for prime-time yet. There are still compatibility issues, but efficient raw packet capture is no longer one of them! And MS promises even better ARM support with the Windows 11 release later this year. They will need it to compete with Apple's impressive ARM devices (M1 chip) and all the ARM Chromebooks. Of course ARM is already the dominant architecture for smaller mobile devices like smartphones. We would like to thank Microsoft (particularly Pedro Miguel Justo) for doing the initial proof-of-concept port. Npcap's chief developer Dan Miller ended up writing a different implementation as part of a big code reorganization, but Pedro's initial port inspired the work by getting us excited about the idea and demonstrating demand through all the comments people left on his pull request and the related ticket. Since Windows on ARM includes x86 emulation for 32-bit apps, the current Nmap and Wireshark work fine. Just install Npcap 1.50 first and then run their installers like usual. Once Nmap and Wireshark incorporate Npcap 1.50 (hopefully in their next releases), you can skip that first step. We have also released a new Npcap SDK 1.10 which enables building Npcap into native ARM apps. Npcap 1.50 includes some performance enhancements as well. For example we streamlined loopback packet injection to avoid using Winsock Kernel (WSK) sockets, removing 1,300 lines of complexity and overhead. We also updated the Windows 8 and 8.1 version of the driver to NDIS 6.30 to support network stack improvements like RSC and QoS. The Windows 10 driver still uses the even newer NDIS 6.50. Npcap now passes Microsoft's Static Driver Verifier for NDIS drivers and Visual Studio's Code Analysis "AllRules" ruleset. There were many bug fixes as well. You can read about all the changes at https://npcap.org/changelog and you can download Npcap 1.50 from https://npcap.org. That page also includes details on the Npcap OEM program for commercial use and redistribution. While Npcap has been successful in its own right and is now used by hundreds of other software programs, we created it for Nmap and that's where we're turning our attention next! We've made many Nmap improvements since the last release and we're making Nmap our near-exclusive focus for the next month so we can put out a great release in time for Defcon and Black Hat USA! So stay tuned for that. Sincerely, Gordon "Fyodor" Lyon _______________________________________________ Sent through the announce mailing list https://nmap.org/mailman/listinfo/announce Archived at http://seclists.org/nmap-hackers/
Current thread:
- Npcap 1.50 Release Brings Nmap & Wireshark to Windows ARM devices Gordon Fyodor Lyon (Jun 28)