From what I've read, silent installation capability was removed from the nullsoft installer provided here since it would be easy to turn this into malware: http://www.winpcap.org/install/default.htm

A Wise Capture will not work because the installer is changing several HKLM/System/CurrentControlSet/Class keys based on hardware enumeration. I could potentially capture everything but the key changes and script them, but I have no idea where it is getting it's information, as there are several device ID's being writen. I have captured activity with regmon but it's massive.

This is specific to etheral apparently, because I do not have access to those files.
http://www.appdeploy.com/packages/detail.asp?id=534

And this would'nt be silent:
http://itninja.com/question/antivirus-packaging76

Any help would be appreciated.
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Answers

0
Is there a file manifest? A log with the registry entries?

Since it looks to be share/free ware you may be out of luck on support, but usually the authors are fairly open about the documentation. That's the avenue I'd pursue if I had to package this.
Answered 12/12/2007 by: aogilmor
Ninth Degree Black Belt

Please log in to comment
0
I can record the registry changes using regmon, but those changes involve keys that are hardware dependant device ID's for all network cards and COM ports. There are about 800 actions from queries to changes, and creations.

Turns out we contacted Cisco and OPNET, and they are going to start working on a silent version of the agent. Since one is provided with a commercial lisence, I assume this is nothing more than OPNET or Cisco buying it and adding it to the installer. I have tried to figure out the logic of the installer, record it and play it back, but I don't have the resources to test how it is affected by dual or more nics and thier configurations, diff COM configs, and the likes.

OPNet was not open about the documentation of the installer, all they provided me with were options to purchace the commercial version.
Answered 12/12/2007 by: Jahya
Senior Yellow Belt

Please log in to comment
0
Hardware is tricky to (re)package because it's usually lower level stuff than application files. It's good you're getting some vendor support on that.
Answered 12/12/2007 by: aogilmor
Ninth Degree Black Belt

Please log in to comment
Answer this question or Comment on this question for clarity