Someone made portable versions of ethereal, ngrep, nmap, showtraf, snort, tcpdump, and nemesis by recompiling with a portable packet lib...
Repeat: His didn't need WinPCap installed.
His email is: BOBAH.XPEHOB@GMAIL.COM
(His site's dead but google has a cache of the main page)
His Google Newsgroup is still up though.
The library's site is here
And it can be downloaded here
About Packet Sniffer SDK (from developers' site):
Packet Sniffer SDK is a library set for packet capture and network analysis for all Win32 platforms.
The main features of the Packet Sniffer SDK library are:
- Any pre-installed packet drivers are NOT required;
- Support of 1GBit networks;
- Support of all modern development environments for Windows;
- All PSSDK editions (ActiveX, VCL, DLL, and static libraries) are compiled from the same well-optimized C code. Therefore you may be assured that any Packet Sniffer SDK improvement is implemented in all its editions;
- Support of multiprocessor (SMP) systems;
- Support of packet filtering by BPF (BSD Packet Filter, user-settable packet filters) on the internal packet driver level;
- Support of new FastBPF technology (Just-In-Time BPF filters compilation, works approximately 6 times faster than "classic" BPF filtering);
- Support of packet generation and sending functions;
- Support of local TCP/UDP traffic capturing with binding it to processes (including loopback traffic);
- Assembling of TCP sessions in data streams;
- High-performance traffic delivering to application and buffering it using queue mechanism;
- Support of BPF assembler for BPF filters programming;
- Support of disassembling BPF filters to BPF assembler source texts;
All editions of Packet Sniffer SDK components/libraries contain internal packet driver, which is dynamically loaded/unloaded when the application, using Packet Sniffer SDK, is launched/closed.