https://stackoverflow.com/questions/15719682
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianSadly, this is Windows, so WinPcap won't help; libpcap 1.1.0 and later can read pcap-ng files, but there is currently no version of WinPcap based on a version of libpcap with pcap-ng support.
I.e., currently, the first piece of software to try would be VirtualBox, Parallels Workstation, or VMware Workstation, and the next piece of software to try would be some Linux distribution running on your Windows machine under the virtualization software. Sorry.
(Yes, I have to find the time to do some libpcap infrastructure work to make it easier for the WinPcap people to make their remote capture support work with newer versions of libpcap. Sadly, there are only 24 hours in a day, and a ton of other things to do competing for the hours that remain after such frivolities as eating and sleeping. :-))
A workaround for that particular issue would be either to save a capture from Wireshark in pcap format rather than pcap-ng format or to use Wireshark tools such as editcap (which can handle pcap-ng files on Windows, as they don't use libpcap/WinPcap to read capture files) to convert from pcap-ng to pcap.
There are a couple of Python wrappers for libpcap/WinPcap - python-libpcap and Pcapy. The python-libpcap page has a daemon and a penguin on it, so they're only advertising BSD and Linux support; it might work on other UN*Xes, as there shouldn't be major differences in the way you hook into libpcap, but might not work on Windows. Pcapy, however, explicitly mentions WinPcap and Win32 binaries.
