Npcap 1.50 Release Brings Nmap & Wireshark to Windows ARM devices

[Gordon Fyodor Lyon <fyodor () nmap org>]

Hi folks.  The Nmap Project is pleased to release Npcap version 1.50 at
https://npcap.org.  There are many improvements in  this release, but the
one we're most excited about is support for the ARM architecture!  This
allows apps like Nmap and Wireshark to run for the first time on a newer
generation of hardware which often includes all-day battery life and
always-on LTE/5G capabilities.  Devices vary from the $349 Samsung Galaxy
Book Go laptop to the higher end Microsoft Surface Pro X and HP Elite
Folio.  We've tested the first two of those in our lab already.  I'm not
saying Windows on ARM is completely ready for prime-time yet.  There are
still compatibility issues, but efficient raw packet capture is no longer
one of them!  And MS promises even better ARM support with the Windows 11
release later this year.  They will need it to compete with Apple's
impressive ARM devices (M1 chip) and all the ARM Chromebooks.  Of course
ARM is already the dominant architecture for smaller mobile devices like
smartphones.

We would like to thank Microsoft (particularly Pedro Miguel Justo) for
doing the initial proof-of-concept port.  Npcap's chief developer Dan
Miller ended up writing a different implementation as part of a big code
reorganization, but Pedro's initial port inspired the work by getting us
excited about the idea and demonstrating demand through all the comments
people left on his pull request and the related ticket.

Since Windows on ARM includes x86 emulation for 32-bit apps, the current
Nmap and Wireshark work fine.  Just install Npcap 1.50 first and then run
their installers like usual.  Once Nmap and Wireshark incorporate Npcap
1.50 (hopefully in their next releases), you can skip that first step.  We
have also released a new Npcap SDK 1.10 which enables building Npcap into
native ARM apps.

Npcap 1.50 includes some performance enhancements as well.  For example we
streamlined loopback packet injection to avoid using Winsock Kernel (WSK)
sockets, removing 1,300 lines of complexity and overhead.  We also updated
the Windows 8 and 8.1 version of the driver to NDIS 6.30 to support network
stack improvements like RSC and QoS.  The Windows 10 driver still uses the
even newer NDIS 6.50.  Npcap now passes Microsoft's Static Driver Verifier
for NDIS drivers and Visual Studio's Code Analysis "AllRules" ruleset.

There were many bug fixes as well.  You can read about all the changes at
https://npcap.org/changelog and you can download Npcap 1.50 from
https://npcap.org. That page also includes details on the Npcap OEM program
for commercial use and redistribution.

While Npcap has been successful in its own right and is now used by
hundreds of other software programs, we created it for Nmap and that's
where we're turning our attention next!  We've made many Nmap improvements
since the last release and we're making Nmap our near-exclusive focus for
the next month so we can put out a great release in time for Defcon and
Black Hat USA!  So stay tuned for that.

Sincerely,
Gordon "Fyodor" Lyon
_______________________________________________
Sent through the announce mailing list
https://nmap.org/mailman/listinfo/announce
Archived at http://seclists.org/nmap-hackers/