Is It Possible to Lock an Installed Npcap From Being Used, For Data Security Reasons?
Hi all
If you install Wireshark on a Windows 10 computer,
you will also have NPcap installed, as a Windows Driver,
in order to do the actual capturing of data, for Wireshark to process and display.
Now as long as you yourself run Wireshark, and use it,
then it's great that Npcap is installed on the computer, and running on it.
The problem is that after you finish using Wireshark (for that day),
Npcap remains installed, and remains enabled as a Driver.
This means that any other software can access it and use it, and very easily capture your data,
since you yourself so nicely installed it and enabled it to work on your computer.
Now generally programs don't do that,
but a malicious one can use that to its advantage.
So my question:
Is there a way to have Npcap installed, yet Locked most of the time,
so eventho it's installed, no-one (or no program) can use it to capture data on that computer,
and then, only when you, the person who installed it (and locked it) want to use it,
you will temporarily unlock it (or enable it), which means it will now capture data and Wireshark will get it,
and then once done for that day, Lock it back.
Does such a feature exist?
Or if not, is there anything similar that can be used to achieve the same goal?
Thank you