Q

How does the removal of WinPcap library impact malicious use of scanning software?

What is the impact on malicious use of scanning software now that Microsoft has decided to remove the WinPcap library from XP with the release of SP2 ?

The WinPcap libraries are a standardized interface that enables the use of an Ethernet device as a network analyzer. Microsoft removed it from SP2 as a security measure. This change prevents attackers from using a simple break of the system to manipulate WinPcap for sniffing the network.

Now, of course, a miscreant can always install the WinPcap libraries, as can any user who wants to do it themselves. But it does make life a little harder for the people who create networks of bot computers and use them to spam and do other bad things.

So, WinPcap is one of SP2's small changes, but it's a good one. Users who want to install WinPcap can find still find it on the net.


For more information on this topic, visit these SearchSecurity.com resources:
  • Submit your XP SP2 security questions to ITKnowledge Exchange.
  • Learn all about XP SP2 and how it will impact your organization.
  • This was first published in October 2004

    Dig deeper on Malware, Viruses, Trojans and Spyware

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close