-
Notifications
You must be signed in to change notification settings - Fork 516
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[npcap] - wireshark stopped see adapters after windows 10 updated to "annivarsary edition" #467
Comments
Winpcap works. |
Hi @zdm , Is your OS x86 or x64? Which Npcap version and Wireshark version did you use? Which Npcap installation options did you choose? Thanks. I have tested latest Please don't use |
Windows 10 x64 Wireshark 2.0.5 x 64 I tried following npcap versions: On 08.08.2016 03:42, Yang Luo wrote:
|
I tried your environment and didn't encounter that issue. What error message did you actually see? |
Wireshark doesn't show any errors, just shows no adapters. On 08.08.2016 08:10, Yang Luo wrote:
|
|
Oh, I forgot to say. Please install Nmap's dev version: https://nmap.org/dist/nmap-7.25BETA1-setup.exe And please install latest Npcap 0.08 r3. |
With nmap-7.25-beta1 results are the same. On 08.08.2016 08:41, Yang Luo wrote:
|
|
|
In Administrator CMD, enter |
Problem with signature
|
|
0 sha256 RFC3161 On 08.08.2016 09:29, Yang Luo wrote:
|
|
I made clean os install a day ago. On 08.08.2016 09:55, Yang Luo wrote:
|
I have no idea what happened.. Can I get a remote access? |
yes, do you have teamviewer? On 08.08.2016 10:01, Yang Luo wrote:
|
Yes. You can email me the password:) hsluoyz@gmail.com |
The network connectivity is so bad. I can't even move the mouse in the remote window. |
I don't know why, I have 100 Mb channel. I need to go to the office now, and will be available in several hours. So, the problem in the driver signature. I will try to find the solution too, I already check, that your On 08.08.2016 10:48, Yang Luo wrote:
|
I found the article, that describes drivers signing changes in windows http://www.thewindowsclub.com/driver-signing-changes-windows-10 Maybe this will helpful to solve the problem. On 08.08.2016 10:48, Yang Luo wrote:
|
I think, that this requirement should be met: "The latest version of Windows 10 will load only Kernel mode drivers On 08.08.2016 10:48, Yang Luo wrote:
|
Thanks! This should be the reason. From your link here, the following 5 conditions have described what kind of Windows will be affected by this new signing rule:
But it's a little weird. Even the latest Npcap 0.08 r3's driver files were signed in July, 24. So according to the condition 3., Npcap driver should work without signature issues. I don't know why you encounter this issue. Moreover, I have tried to reproduce this issue but I couldn't. I have installed a fresh Win10 1607 x64 in my VMware Workstation 12, but Npcap 0.08 r3 installs successfully. From But why still can't reproduce this issue? It seems that the only reason is the secure boot. My secure boot cheating doesn't work. Unfortunately, I don't have an available machine for me to install Win 10 1607, so I have to use a VM here. Do you know any other ways to get a Win 10 VM with the secure boot support? Like using VirtualBox? or using a remote machine from providers like Amazon, etc.? |
A useful Q&A with Microsoft: Windows Hardware Dev Center: Windows Hardware Dev Center Dashboard: |
I my case everything happens, like it described in the article. |
@zdm , OK. I found hyper-V supports secure boot in VMs. And I have reproduced your issue with Npcap 0.08 r4 in my VM. We will discuss about how to improve our signing method. Thanks for reporting this issue! @fyodor , can you register an account here: https://sysdev.microsoft.com/en-us/hardware/signup/ ? So we can log in to see what's going on there. |
Any updates about the signing problem? |
@BavoB @mhoes @marlop352 @zdm @sanitybit, We have obtained an EV code signing certificate and are in the process of figuring out how to best accomplish the Dev Portal signing in such a way that it supports all versions of Windows from 7 through 10. Since you have each experienced problems with the driver signing issue, we are asking you to help us test a couple candidate builds of the latest Npcap 0.78 r2: First, we have built If that should fail, we have an installer with Microsoft Attestation-signed drivers. The drivers were cross-signed by Microsoft through the Dev Portal after we signed them with our EV cert, and will most likely work with Windows 10, any release. Unfortunately, the do NOT work with previous versions. If the first installer (EV-only) works for Win10 1607, then we can be done. If only the second one (attestation signed) works, then we will have to multiply again the drivers we ship: SHA-1-signed for Win7, EV-signed for Win8, and attestation-signed for Win10. Please let us know at your earliest convenience which of these installers works for you, if any. NOTE: these URLs are not permanent. Once we get a configuration finalized, we'll remove them and you can go back to obtaining Npcap through the Github releases page. |
I am ready for testing.
…On 10.12.2016 01:51, Daniel Miller wrote:
@BavoB <https://github.com/BavoB> @mhoes <https://github.com/mhoes>
@marlop352 <https://github.com/marlop352> @zdm <https://github.com/zdm>
@sanitybit <https://github.com/sanitybit>,
We have obtained an EV code signing certificate and are in the process
of figuring out how to best accomplish the Dev Portal signing in such a
way that it supports all versions of Windows from 7 through 10. Since
you have each experienced problems with the driver signing issue, we are
asking you to help us test a couple candidate builds of the latest Npcap
0.78 r2:
First, we have built an installer with drivers signed directly by our EV
cert <https://nmap.org/tmp/c/npcap-0.78-r2-ev.exe>. This works on
earlier versions of Windows, but we have not tested yet whether it works
on Windows 10 1607, which is of course the primary problem. If this
works for you on the Anniversary Update, we can begin shipping
installers with this configuration right away.
If that should fail, we have an installer with Microsoft
Attestation-signed drivers
<https://nmap.org/tmp/c/npcap-0.78-r2-attestation.exe>. The drivers were
cross-signed by Microsoft through the Dev Portal after we signed them
with our EV cert, and will most likely work with Windows 10, any
release. Unfortunately, the do NOT work with previous versions.
If the first installer (EV-only) works for Win10 1607, then we can be
done. If only the second one (attestation signed) works, then we will
have to multiply again the drivers we ship: SHA-1-signed for Win7,
EV-signed for Win8, and attestation-signed for Win10.
Please let us know at your earliest convenience which of these
installers works for you, if any.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<https://github.com/nmap/nmap/issues/492#issuecomment-266155235>, or
mute the thread
<https://github.com/notifications/unsubscribe-auth/AA-mSD4qnemlWZMTaao_4e1PjvZbU546ks5rGel2gaJpZM4JekI0>.
|
Only the second one (attestation signed) works!
Thank you very much,
Bavo
From: Daniel Miller [mailto:notifications@github.com]
Sent: zaterdag 10 december 2016 0:51
To: nmap/nmap <nmap@noreply.github.com>
Cc: BavoB <bavo.bostoen@hotmail.com>; Mention <mention@noreply.github.com>
Subject: Re: [nmap/nmap] [npcap] - wireshark stopped see adapters after windows 10 updated to "annivarsary edition" (#492)
@BavoB<https://github.com/BavoB> @mhoes<https://github.com/mhoes> @marlop352<https://github.com/marlop352> @zdm<https://github.com/zdm> @sanitybit<https://github.com/sanitybit>,
We have obtained an EV code signing certificate and are in the process of figuring out how to best accomplish the Dev Portal signing in such a way that it supports all versions of Windows from 7 through 10. Since you have each experienced problems with the driver signing issue, we are asking you to help us test a couple candidate builds of the latest Npcap 0.78 r2:
First, we have built an installer with drivers signed directly by our EV cert<https://nmap.org/tmp/c/npcap-0.78-r2-ev.exe>. This works on earlier versions of Windows, but we have not tested yet whether it works on Windows 10 1607, which is of course the primary problem. If this works for you on the Anniversary Update, we can begin shipping installers with this configuration right away.
If that should fail, we have an installer with Microsoft Attestation-signed drivers<https://nmap.org/tmp/c/npcap-0.78-r2-attestation.exe>. The drivers were cross-signed by Microsoft through the Dev Portal after we signed them with our EV cert, and will most likely work with Windows 10, any release. Unfortunately, the do NOT work with previous versions.
If the first installer (EV-only) works for Win10 1607, then we can be done. If only the second one (attestation signed) works, then we will have to multiply again the drivers we ship: SHA-1-signed for Win7, EV-signed for Win8, and attestation-signed for Win10.
Please let us know at your earliest convenience which of these installers works for you, if any.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<https://github.com/nmap/nmap/issues/492#issuecomment-266155235>, or mute the thread<https://github.com/notifications/unsubscribe-auth/ADg7cTm5DQ9q3g4T0YDPHCkejCKvbfpvks5rGel2gaJpZM4JekI0>.
|
Win10 with secure boot enabled:
|
Hi,
With the installer with drivers signed directly by your EV cert
(npcap-0.78-r2-ev.exe), I got the following error twice during
installation: "Failed to install the npcap service". The installer did
march onwards to the end though, as if nothing bad had happened.
The installer with Microsoft Attestation-signed drivers
(npcap-0.78-r2-attestation.exe) works, and afterwards capture with
wireshark is possible.
Small note: During the uninstall of both of the above, the npcap loopback
adapter remained installed, leaving me after installing/uninstalling both
with two remaining npcap loopback adapters I had to uninstall manually
through windows device manager. Both that's probably for another day and
bug report.
…On Sat, Dec 10, 2016 at 12:51 AM, Daniel Miller ***@***.***> wrote:
@BavoB <https://github.com/BavoB> @mhoes <https://github.com/mhoes>
@marlop352 <https://github.com/marlop352> @zdm <https://github.com/zdm>
@sanitybit <https://github.com/sanitybit>,
We have obtained an EV code signing certificate and are in the process of
figuring out how to best accomplish the Dev Portal signing in such a way
that it supports all versions of Windows from 7 through 10. Since you have
each experienced problems with the driver signing issue, we are asking you
to help us test a couple candidate builds of the latest Npcap 0.78 r2:
First, we have built an installer with drivers signed directly by our EV
cert <https://nmap.org/tmp/c/npcap-0.78-r2-ev.exe>. This works on earlier
versions of Windows, but we have not tested yet whether it works on Windows
10 1607, which is of course the primary problem. If this works for you on
the Anniversary Update, we can begin shipping installers with this
configuration right away.
If that should fail, we have an installer with Microsoft
Attestation-signed drivers
<https://nmap.org/tmp/c/npcap-0.78-r2-attestation.exe>. The drivers were
cross-signed by Microsoft through the Dev Portal after we signed them with
our EV cert, and will most likely work with Windows 10, any release.
Unfortunately, the do NOT work with previous versions.
If the first installer (EV-only) works for Win10 1607, then we can be
done. If only the second one (attestation signed) works, then we will have
to multiply again the drivers we ship: SHA-1-signed for Win7, EV-signed for
Win8, and attestation-signed for Win10.
Please let us know at your earliest convenience which of these installers
works for you, if any.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<https://github.com/nmap/nmap/issues/492#issuecomment-266155235>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ANiXM0KHgp2nUwUYG2ZBEeryY-dG4FGXks5rGel2gaJpZM4JekI0>
.
|
Yes, I can confirm, that Npcap loopback adapters are not uninstalled and
can be removed only from devices manager.
…On 10.12.2016 12:11, mhoes wrote:
Hi,
With the installer with drivers signed directly by your EV cert
(npcap-0.78-r2-ev.exe), I got the following error twice during
installation: "Failed to install the npcap service". The installer did
march onwards to the end though, as if nothing bad had happened.
The installer with Microsoft Attestation-signed drivers
(npcap-0.78-r2-attestation.exe) works, and afterwards capture with
wireshark is possible.
Small note: During the uninstall of both of the above, the npcap loopback
adapter remained installed, leaving me after installing/uninstalling both
with two remaining npcap loopback adapters I had to uninstall manually
through windows device manager. Both that's probably for another day and
bug report.
On Sat, Dec 10, 2016 at 12:51 AM, Daniel Miller ***@***.***>
wrote:
> @BavoB <https://github.com/BavoB> @mhoes <https://github.com/mhoes>
> @marlop352 <https://github.com/marlop352> @zdm <https://github.com/zdm>
> @sanitybit <https://github.com/sanitybit>,
>
> We have obtained an EV code signing certificate and are in the process of
> figuring out how to best accomplish the Dev Portal signing in such a way
> that it supports all versions of Windows from 7 through 10. Since you have
> each experienced problems with the driver signing issue, we are asking you
> to help us test a couple candidate builds of the latest Npcap 0.78 r2:
>
> First, we have built an installer with drivers signed directly by our EV
> cert <https://nmap.org/tmp/c/npcap-0.78-r2-ev.exe>. This works on earlier
> versions of Windows, but we have not tested yet whether it works on
Windows
> 10 1607, which is of course the primary problem. If this works for you on
> the Anniversary Update, we can begin shipping installers with this
> configuration right away.
>
> If that should fail, we have an installer with Microsoft
> Attestation-signed drivers
> <https://nmap.org/tmp/c/npcap-0.78-r2-attestation.exe>. The drivers were
> cross-signed by Microsoft through the Dev Portal after we signed them with
> our EV cert, and will most likely work with Windows 10, any release.
> Unfortunately, the do NOT work with previous versions.
>
> If the first installer (EV-only) works for Win10 1607, then we can be
> done. If only the second one (attestation signed) works, then we will have
> to multiply again the drivers we ship: SHA-1-signed for Win7,
EV-signed for
> Win8, and attestation-signed for Win10.
>
> Please let us know at your earliest convenience which of these installers
> works for you, if any.
>
> —
> You are receiving this because you were mentioned.
> Reply to this email directly, view it on GitHub
> <https://github.com/nmap/nmap/issues/492#issuecomment-266155235>, or mute
> the thread
>
<https://github.com/notifications/unsubscribe-auth/ANiXM0KHgp2nUwUYG2ZBEeryY-dG4FGXks5rGel2gaJpZM4JekI0>
> .
>
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<https://github.com/nmap/nmap/issues/492#issuecomment-266197318>, or
mute the thread
<https://github.com/notifications/unsubscribe-auth/AA-mSPd4xt6cJsIEQD6vSTDxoeLx6cLsks5rGnq9gaJpZM4JekI0>.
|
@mhoes @zdm , I have fixed this Please try the installer at: https://github.com/nmap/npcap/releases Note: this version still doesn't support Win10 1607 with Secure Boot on. Only the |
0.78 r2-ev does not work(fails to create services) 0.78 r2-atestation works with 0.78 r4 windows gives an error after installation saying that it blocked the installation of a driver not digitally signed |
@marlop352 , Npcap 0.78 r4 still doesn't support Win10 1607 with Secure Boot on. Only the Microsoft Attestation-signed version Npcap released by Dan supports it. You can wait for Dan to release a 0.78 r4 version. |
@hsluoyz thought so, reported it because the error was different from what I remember happening when using the normal installer I don't know how you generate the installer of how this specific one works, but can't it have the two types of binaries(normal and attestation) and choose which to use by detecting what system it's been run from? |
Hallo,
OK to recap: with secure boot on a fresh install of Win10 x64 v1607: only driver’s signed by EV cert of software vendor (you guys) + cross-signed by MS (attestation) will work. For kernel drivers this will probably always be the case going forward.
As I think running Win10 without secure boot is pointless, even more so in the near future (a lot of features seem to build on it), please make it straightforward to download the version we need + also when integrated into Nmap.
Probably for Nmap distribution it only makes sense to include the ‘attested’ version, as that would work on all systems, also downlevel (win8.1-win7): am I correct?
Finally another (small) related problem which I will mention for completeness sake: I also run Hyper-V (not sure if this fact is related, probably not) but if I install a new NPCAP version over the previous one - I never bother to uninstall manually - then each install adds a new LAN adapter: they are called Ethernet2, 3, 4 etc, but in the details tab of the properties “NPCAP Loopback Adapter” is mentioned in the description field. This is probably the same (or very related) problem, in that the installer doesn’t do a cleanup as part of the new install, or else there is an uninstall routine included but it did not work. So the old adapters are renamed to Ethernet2, 3 etc, to make room for the ‘new’ one…
Best,
Bavo
From: Yang Luo [mailto:notifications@github.com]
Sent: zondag 11 december 2016 3:29
To: nmap/nmap <nmap@noreply.github.com>
Cc: BavoB <bavo.bostoen@hotmail.com>; Mention <mention@noreply.github.com>
Subject: Re: [nmap/nmap] [npcap] - wireshark stopped see adapters after windows 10 updated to "annivarsary edition" (#492)
@marlop352<https://github.com/marlop352> , Npcap 0.78 r4 still doesn't support Win10 1607 with Secure Boot on. Only the Microsoft Attestation-signed version Npcap released by Dan supports it. You can wait for Dan to release a 0.78 r4 version.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<https://github.com/nmap/nmap/issues/492#issuecomment-266256426>, or mute the thread<https://github.com/notifications/unsubscribe-auth/ADg7cVuY7x9RJuPa0ANuwWnC_-ydj729ks5rG1_RgaJpZM4JekI0>.
|
1. FINAL REMARK: the adapters are called Ethernet2, 3, 4 in the ‘Network & sharing Center’ and ‘Network connections’ windows.
In device manager they are however all called identically “NPCAP Loopback Adapter” ==> they also have the same driver version 10.0.14393.0 ; so I don’t really know which one I can safely uninstall.
2. I’m getting marked as spam by GitHub for some reason, but I’m legit (I swear ;-)
Best,
Bavo
===========================
Hallo,
OK to recap: with secure boot on a fresh install of Win10 x64 v1607: only driver’s signed by EV cert of software vendor (you guys) + cross-signed by MS (attestation) will work. For kernel drivers this will probably always be the case going forward.
As I think running Win10 without secure boot is pointless, even more so in the near future (a lot of features seem to build on it), please make it straightforward to download the version we need + also when integrated into Nmap.
Probably for Nmap distribution it only makes sense to include the ‘attested’ version, as that would work on all systems, also downlevel (win8.1-win7): am I correct?
Finally another (small) related problem which I will mention for completeness sake: I also run Hyper-V (not sure if this fact is related, probably not) but if I install a new NPCAP version over the previous one - I never bother to uninstall manually - then each install adds a new LAN adapter: they are called Ethernet2, 3, 4 etc, but in the details tab of the properties “NPCAP Loopback Adapter” is mentioned in the description field. This is probably the same (or very related) problem, in that the installer doesn’t do a cleanup as part of the new install, or else there is an uninstall routine included but it did not work. So the old adapters are renamed to Ethernet2, 3 etc, to make room for the ‘new’ one…
Best,
Bavo
From: Yang Luo [mailto:notifications@github.com]
Sent: zondag 11 december 2016 3:29
To: nmap/nmap <nmap@noreply.github.com>
Cc: BavoB <bavo.bostoen@hotmail.com>; Mention <mention@noreply.github.com>
Subject: Re: [nmap/nmap] [npcap] - wireshark stopped see adapters after windows 10 updated to "annivarsary edition" (#492)
@marlop352<https://github.com/marlop352> , Npcap 0.78 r4 still doesn't support Win10 1607 with Secure Boot on. Only the Microsoft Attestation-signed version Npcap released by Dan supports it. You can wait for Dan to release a 0.78 r4 version.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<https://github.com/nmap/nmap/issues/492#issuecomment-266256426>, or mute the thread<https://github.com/notifications/unsubscribe-auth/ADg7cVuY7x9RJuPa0ANuwWnC_-ydj729ks5rG1_RgaJpZM4JekI0>.
|
Everyone, Sorry for the confusion. I had a misconfiguration that caused our EV-signed drivers to not validate, so they were not working on any system. Now they work on Windows 8 at least, and I would appreciate a test with Windows 10 1607. Here is the download link for Npcap 0.78 r4, EV cert. |
Hi,
I can install npcap-0.78-r4-ev.exe without errors, and can capture traffic
after installation with Wireshark. I do get a Windows Security pop-up
though, asking me 'Would you like to install this device software ?", with
an option to 'Always trust software from Insecure.Com LLC". Also, the npcap
loopback adapter now does get removed when uninstalling npcap.
Running Windows Home 64-bit Version 1607 (OS Build 14393.479), secure boot
enabled in my UEFI firmware, and I did an upgrade from Windows 7 to Windows
10, not a clean install.
…On Mon, Dec 12, 2016 at 12:57 AM, Daniel Miller ***@***.***> wrote:
Everyone,
Sorry for the confusion. I had a misconfiguration that caused our
EV-signed drivers to not validate, so they were not working on any system.
Now they work on Windows 8 at least, and I would appreciate a test with
Windows 10 1607. Here is the download link for Npcap 0.78 r4, EV cert
<https://nmap.org/tmp/c/npcap-0.78-r4-ev.exe>.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<https://github.com/nmap/nmap/issues/492#issuecomment-266318363>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ANiXM8_g-OSkRDPRpwllE2e2w69JDB-2ks5rHI4HgaJpZM4JekI0>
.
|
@ mhoes: which probably proves the point. For Win10 1607 with secure boot enabled (freshly installed, but as your experience shows even for upgrades depending on who knows what) you need attestation, no way around it. |
@BavoB: Perhaps I understand you incorrectly (or you incorrectly understood
me), but I said that I *can* install pcap-0.78-r4-ev.exe (I thought that
this was a EV-signed driver, and not the attestation-signed drivers)
without errors; in other words, that it *does* work for me.
…On Tue, Dec 13, 2016 at 2:21 PM, BavoB ***@***.***> wrote:
@ mhoes: which probably proves the point. For Win10 1607 with secure boot
enabled (freshly installed, but as your experience shows even for upgrades
depending on who knows what) you need attestation, no way around it.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<https://github.com/nmap/nmap/issues/492#issuecomment-266736532>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ANiXM0FIqDqKlF9_k6nz3hgJf4vthvk7ks5rHpvAgaJpZM4JekI0>
.
|
Oops sorry my bad.
From: mhoes [mailto:notifications@github.com]
Sent: dinsdag 13 december 2016 15:52
To: nmap/nmap <nmap@noreply.github.com>
Cc: BavoB <bavo.bostoen@hotmail.com>; Mention <mention@noreply.github.com>
Subject: Re: [nmap/nmap] [npcap] - wireshark stopped see adapters after windows 10 updated to "annivarsary edition" (#492)
@BavoB: Perhaps I understand you incorrectly (or you incorrectly understood
me), but I said that I *can* install pcap-0.78-r4-ev.exe (I thought that
this was a EV-signed driver, and not the attestation-signed drivers)
without errors; in other words, that it *does* work for me.
On Tue, Dec 13, 2016 at 2:21 PM, BavoB ***@***.******@***.***>> wrote:
@ mhoes: which probably proves the point. For Win10 1607 with secure boot
enabled (freshly installed, but as your experience shows even for upgrades
depending on who knows what) you need attestation, no way around it.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<https://github.com/nmap/nmap/issues/492#issuecomment-266736532>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ANiXM0FIqDqKlF9_k6nz3hgJf4vthvk7ks5rHpvAgaJpZM4JekI0>
.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<https://github.com/nmap/nmap/issues/492#issuecomment-266758366>, or mute the thread<https://github.com/notifications/unsubscribe-auth/ADg7cfwY5IA6iO9jpW5UKeQSZ41hlcymks5rHrEpgaJpZM4JekI0>.
|
If you choose |
OK, although (our) best practices state the opposite ;-).
From: Yang Luo [mailto:notifications@github.com]
Sent: dinsdag 13 december 2016 16:54
To: nmap/nmap <nmap@noreply.github.com>
Cc: BavoB <bavo.bostoen@hotmail.com>; Mention <mention@noreply.github.com>
Subject: Re: [nmap/nmap] [npcap] - wireshark stopped see adapters after windows 10 updated to "annivarsary edition" (#492)
@BavoB<https://github.com/BavoB>
I got the Windows Security pop-up 'Would you like to install this device software ?", to which I answered 'no'
If you choose no here, then you will always fail the driver install no matter how our driver is signed. So please choose yes.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<https://github.com/nmap/nmap/issues/492#issuecomment-266775860>, or mute the thread<https://github.com/notifications/unsubscribe-auth/ADg7cYwZfuKdsJWSNme5B3V91o7W12kKks5rHr9-gaJpZM4JekI0>.
|
It appears to me as if two things are getting mixed up here, but I may be wrong ? (I made a screenshot of the pop-up I get, yours may be different). In the pop-up, there are actually two related, but different, things. First of all, there is a 'checkbox' that you can check if you always want to trust drivers singed by "Insecure.Com LLC". You don't have to check that box, but you can. I'm guessing that if you do check the box to always trust the signer that you will never get this pop-up again, and that you will get the pop-up again if you don't. Then there are the 'install' and 'dont install' buttons. If you want to install the driver (and I'm guessing that you want to) then you must click the button that says 'install'. If you haven't checked the checkbox in combination with clicking on 'install', you will only trust the signer once, for this install only, instead of always. |
0.78 r4-ev still gives me the same error as 0.78 r4 even if I mark the always trust box(witch does not appear on 0.78 r4) (checking that box should have made it accept the driver I think) Windows 10 Pro 1607 (it's a clean install, not an update from a previous version) with secure boot enabled |
Ok, all: I just published Npcap 0.78 r5, which has attestation-signed drivers for Win10 users, dual-signed SHA1/SHA256 drivers with MS Cross-Certs for Windows 8 and earlier. We are back in business! Do let us know if you still experience these problems. |
Hi,
Everything seems to work as expected (Win10 x64 1607 fresh install with secure boot on).
Thanks,
Bavo
From: Daniel Miller [mailto:notifications@github.com]
Sent: donderdag 15 december 2016 19:06
To: nmap/nmap <nmap@noreply.github.com>
Cc: BavoB <bavo.bostoen@hotmail.com>; Mention <mention@noreply.github.com>
Subject: Re: [nmap/nmap] [npcap] - wireshark stopped see adapters after windows 10 updated to "annivarsary edition" (#492)
Ok, all: I just published Npcap 0.78 r5<https://github.com/nmap/npcap/releases/tag/v0.78-r5>, which has attestation-signed drivers for Win10 users, dual-signed SHA1/SHA256 drivers with MS Cross-Certs for Windows 8 and earlier. We are back in business! Do let us know if you still experience these problems.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<https://github.com/nmap/nmap/issues/492#issuecomment-267398073>, or mute the thread<https://github.com/notifications/unsubscribe-auth/ADg7cfwAJBhQkvhLonxrrGJs6zZtX0Goks5rIYGIgaJpZM4JekI0>.
|
Hi,
WORKSFORME: Win10 x64 1607, upgrade from Win7, secure boot on. No pup-ups
during installation asking for permission. Wireshark able to capture
packets as expected. Note: Npcap loopback adapter doesn't get uninstalled
upon npcap uninstall.
…On Thu, Dec 15, 2016 at 7:06 PM, Daniel Miller ***@***.***> wrote:
Ok, all: I just published Npcap 0.78 r5
<https://github.com/nmap/npcap/releases/tag/v0.78-r5>, which has
attestation-signed drivers for Win10 users, dual-signed SHA1/SHA256 drivers
with MS Cross-Certs for Windows 8 and earlier. We are back in business! Do
let us know if you still experience these problems.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<https://github.com/nmap/nmap/issues/492#issuecomment-267398073>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ANiXMzqQw40KA5t1o0k-T4d3q_qTepAzks5rIYGIgaJpZM4JekI0>
.
|
OK, I had a chance to uninstall 0.78 r4 on a Window Win2012 R2 server + install 0.78 r5 (system with secure boot enabled). My findings, some of which have been reported before:
So I guess there is some progress ;-) I have some questions:
|
Hrm.
On Tue, Dec 20, 2016 at 1:21 PM, BavoB ***@***.***> wrote:
installing 0.78 r5 worked, but I did get the 'failed to create service'
error
If you got a pop-up (not sure), did you remember to click on the 'install'
button this time instead of 'dont install' like you did last time ?
|
Looks like we handled the core issue reported here. If you continue to have problems with uninstalling, please open a new issue so we can track and fix it. Thanks! |
Hi.
Today windows 10 was updated and wireshark don't see network adapters any more.
I am tried to reinstall npcap and wireshark - this wasn't helpful.
Npcap installed in winpcap compat. mode and wireshark detected npcap during install process.
The text was updated successfully, but these errors were encountered: