When I run windump like below :

[C:\Documents and Settings\Administrator]windump -D
1.\Device\NPF_GenericDialupAdapter (Adapter for generic dialup and VPN capture)
2.\Device\NPF_{E68F1A73-0AFF-4AD5-8C11-11F3E863B870} (3Com EtherLink PCI)
3.\Device\NPF_{EE479CD9-E726-4387-A16D-BA6262120DEB} (3Com EtherLink PCI)



[C:\Documents and Settings\Administrator]windump -i 2
windump: listening on \Device\NPF_{E68F1A73-0AFF-4AD5-8C11-11F3E863B870}

Which switch key should I use to quit the above command (listening on,,,,etc) ?

Regards

http://www.winpcap.org/windump/docs/manual.htm

I see you asking these questions on Security Forums as well. AltDon is one of the best in the business for these applications. I am sure he will be very helpful.

Thanks M/Q
I see you asking these questions on Security Forums as well.
While I was searching Google, I found that these type of questions were asked in that forum, therefore I asked other questions in that forum.

I am sure he will be very helpful.
He is very helpful.

http://www.winpcap.org/windump/docs/manual.htm
I was aware of the link above, but i could not know what to search for within that manual, then I found the answer in the link below :
http://searchwindowssecurity.techtarget.com/tip/0,289483,sid45_gci1147392,00.html

When you quit the program (usually by hitting Ctrl-Break), the program writes out a report to the console,,,,and I tried Ctrl-C it worked as well

Regards

Great, I found that in the manual as well, hence why I published it.

Alt.Don is one of the premier packet analysis experts around as well as a very good writer. He has several articles about packet research on WindowsSecurity.com or just google Don Parker.

Great, I found that in the manual as well, hence why I published it.
For future reference , did you mean to point to the quote below ?

Tcpdump will, if not run with the -c flag, continue capturing packets until it is interrupted by a SIGINT signal (generated, for example, by typing your interrupt character, typically control-C)

Regards

Yes sir.