Wednesday, March 21, 2012

How to install Wireshark on Windows 8

The title of this could also be "How to install WinPcap on Windows 8" or "How to install NetScanTools Pro on Windows 8". WinPcap is the packet capture driver used in both Wireshark and NetScanTools Pro (and LE). If you try to run the Wireshark installer, everything appears to install OK until you get to the WinPcap installer that it launches separately. The WinPcap installer refuses to run and shows an error about an unsupported operating system.

The solution is to run your installer in compability mode. Here's how:

1. from within Windows 8 (32 or 64 bit) get to the desktop and launch Windows Explorer.

2. locate your installer file, example: wireshark-win32-1.6.2.exe and right click on it to bring up the menu.

3. select "Troubleshoot compatibility" and wait a few seconds for it to do it's thing. Then click on "Try recommended settings". It will most likely show Windows Compatibility Mode of Windows XP (service pack 3).

4. Click on "Test the program..." the installer will start - follow the installer directions as you normally would. When you get to actually running the WinPcap installer you may see a message "This program has compatibility issues" - select "Run the program without getting help". WinPcap should now install.

5. When it's all done, click on Cancel instead of Next back on the Program Compatibility Troubleshooter window.

The problem is not Wireshark or NetScanTools Pro. Those installers both launch the WinPcap installer. It is the WinPcap installer that needs to be updated.

The good part about this is that now Wireshark now properly captures packets and NetScanTools Pro can both send and receive packets using WinPcap.

Update Oct 10, 2012: winpcap.org still shows version 4.1.2. With the public release of Windows 8 only a couple weeks away, we still are waiting on an updated WinPcap installer.

Friday, March 9, 2012

First Impressions of Windows 8

My first impressions of Windows 8 Consumer Preview can be summarized in two words: Radical Change.

Why do I say that? because this version of Windows clearly departs from earlier versions. Previous versions always provided backwards compatibility and using it was always obvious to the casual Windows user.

Windows 8 does things like force you to have an active Windows Live/Hotmail account. If that is really true, I know lots of off-the-internet secure labs that won't be happy. After you get past that, you are shown the Metro touchpad interface. While that may be all well and good if you are using a tablet or phone, that doesn't fly for a desktop installation (I put both the 32 and 64 bit versions into VirtualBox VMs). My son says that this looks exactly like the XBox interface.

So playing around with the touchpad interface with a mouse is kind of slow. The icons are huge and anything you install gets put on the right side of the default icons/pads. The two games they installed appear to rely on an internet connection (wonder how that will go over for dialup users - they still exist) and the pinball game was so slow I never even got it to fully load. This is on an 4 core, 8G ram machine...it might be faster natively installed instead of being in VirtualBox.

Going to the desktop that most Windows users are familiar with was pretty easy - there is an icon for that. But wait - the only thing on the desktop is the Recycle Bin and the taskbar only has IE and the Windows Explorer file manager. Where are things like Notepad? calculator? accessories? dare I say COMMAND PROMPT? If I search c:\windows I find the exe's but the casual home user isn't going to find them...trust me on that...I've talked to some home users that didn't know what a file was...

OK - so now I wanted to go back the Metro interface. After a long time I accidentally found that the funny looking Windows button (between ctrl and alt buttons) switches you between the desktop and metro. I never use that button - do you?

I wanted to run regedit just for kicks...guess what, no intuitive way to do that either, so I tried that win button with R. Up popped the run window. So I can do some things....grrrrrrrr

Now to the meat of things. I was able to install NetScanTools Pro/LE/basic on it, but the WinPcap driver install won't let me install. Same goes for Wireshark. The installer works, but WinPcap installer won't work - an unsupported version of Windows. Some people at Riverbed need to get to work on fixing that one soon!

Maybe I'm missing some things, but this version of windows appears to leave desktop and laptop users out in the cold.

Got any hints for me you are willing to share?

More on this topic soon...

Kirk