Incompatibility with nmap based products such as Wireshark

Updated 2 months ago by admin

There is a known compatibility issue with the Windows agent and products that use the nmap library (versions below 0.9988) within the Windows Filtering Platform (WFP) framework, due to a bug in the nmap code. This can cause a conflict with the agent when a number of third party products are also installed, such as:

  • Older versions of Wireshark
  • Kaspersky Endpoint Security
  • ESET Endpoint Security
  • Products that use NMAP 0.9988 or below
  • Products that use PCAP
For more information about the issue please see the nmap Github page

The most common solution is to update the third party software or ensure that nmap version 0.9988 or above is present on the system.

If the USS Agent detects a failure with nmap then it will gracefully stop intercepting requests and display a warning to the user.

Workaround

Installing version 0.997 or later of the npcap library provides a workaround to the issue.

  1. Download the 0.997 version of npcap or later
  2. Install the new version of npcap on the machine running the problematic software and the USS Agent for Windows
  3. Reboot
  4. In some cases, if the problem persists you will need to re-install the problematic software and then reboot once more


How did we do?