How to upgrade Nmap to a new WinPcap release (2007) --------------------------------------------------- 1) Download the latest version of WinPcap from www.winpcap.org and make a note of the version (for example 4.0). 2) Remove all instances of WinPcap (through Add/Remove Programs), then install the new version. 2a) Update the LICENSE file, if necessary. I couldn't find a plain WinPcap license file anywhere. There's an HTML version at http://www.winpcap.org/misc/copyright.htm. You can copy and paste the license text from the installer into the LICENSE file. 3) Copy the installed files into the mswin32/winpcap directory. The installed files at time of writing are C:\Program Files\WinPcap\rpcapd.exe C:\Windows\system32\Packet.dll C:\Windows\system32\pthreadVC.dll C:\Windows\system32\WanPacket.dll C:\Windows\system32\wpcap.dll C:\Windows\system32\drivers\npf.sys 4) Copy the Vista version of Packet.dll. This is tricky because there are several (three, as of this writing) versions of Packet.dll in the installer but only one is installed at a time. You can see all the versions by opening the installer with 7-Zip (http://www.7-zip.org/). Select the installer within 7-Zip and click "File", "Open Inside". Enter the $SYSDIR subdirectory. One by one, extract (you can drag and drop) the copies of Packet.dll somewhere. Right-click on each Packet.dll, click "Properties", then select the "Version" tab. The "Description:" field will have a string containing "NT4", "NT5", or "Vista". When you find the Vista file copy it to vista/Packet.dll. 5) Open winpcap-nmap.nsi. 5a) Change the version for the following lines: Name "WinPcap (Nmap) X.X" OutFile "winpcap-nmap-X.X.exe WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\winpcap-nmap" "DisplayName" "winpcap-nmap X.X" 5b) Get the internal 'FileVersion' from wpcap.dll. Right-click on wpcap.dll and select "Properties", then select the "Version" tab. Copy the number there into this part of winpcap-nmap.nsi: var /GLOBAL my_ver StrCpy $my_ver "X.X.X.X" <-- file version goes here 6) Generate installer exe by compiling winpcap-nmap.nsi using the running the command makensis winpcap-nmap.nsi makensis is part of the "Nullsoft Scriptable Install System" at http://nsis.sourceforge.net/. 7) Give the installer a test, make sure the correct version appears in the installer's name and in Add/Remove Programs. You may also want to try installing it when it is already installed or an older version is installed. 8) Open mswin32/nsis/Nmap.nsi and update the references to the winpcap installer's name. You should only have to change the version number. The section you need to look at starts like this: Section "WinPcap X.X" SecWinPcap 9) Download the WinPcap developer package (http://www.winpcap.org/devel.htm) and replace all the files in mswin32/lib/ with the new versions inside the package. 10) Build the Nmap installer. The best way to do this is to run "make" in the mswin32 directory. This will build Nmap and run makensis for you. Test the installer. You may want to try it with Nmap already installed and with different versions installed. Also check that everything appears in Add/Remove Programs correctly. 11) Test Nmap functionallity that uses WinPcap (raw packet scans, raw packet pings, traceroute). 12) Sit back and have a cup of coffee, you deserve it :)