I tested out a TDI hooking driver(Network-packet filtering driver). By the
way, I met a problem.
I made a rule which can control access to shared-folder of my computer
from other computers.
At first, I removed this rule and let other computers come into my
shared-folder. One computer(A-machine) connected to my shared-folder and
did something(file open or etc). And then A-machine disconnected.
The next, I applied rule to deny access to my shared-folder.
By the way, A-machine could access to my shared-folder as before.
If A-machine try to access after several minutes, from that moment, access
denied.
Is this problem due to session or other reasons?
How should i solve this problem?
Ask advice.
As I responded in another forum, you need a filesystem filter to give
you proper visibilty at the file/directory level.
mynam wrote:
I tested out a TDI hooking driver(Network-packet filtering driver). By the
way, I met a problem.
I made a rule which can control access to shared-folder of my computer
from other computers.
At first, I removed this rule and let other computers come into my
shared-folder. One computer(A-machine) connected to my shared-folder and
did something(file open or etc). And then A-machine disconnected.
The next, I applied rule to deny access to my shared-folder.
By the way, A-machine could access to my shared-folder as before.
If A-machine try to access after several minutes, from that moment, access
denied.
Is this problem due to session or other reasons?
How should i solve this problem?
Ask advice.
Of course, if the redirector on machine A is really communicating with
the server on every directory open, then your method of blocking all net
traffic from A should cause some sort of failure. Can someone who knows
more about the SMB/CIFS protocol jump in here?
Nick Ryan wrote:
As I responded in another forum, you need a filesystem filter to give
you proper visibilty at the file/directory level.
mynam wrote:
> I tested out a TDI hooking driver(Network-packet filtering driver). By
> the
> way, I met a problem.
>
> I made a rule which can control access to shared-folder of my computer
> from other computers.
> At first, I removed this rule and let other computers come into my
> shared-folder. One computer(A-machine) connected to my shared-folder and
> did something(file open or etc). And then A-machine disconnected.
> The next, I applied rule to deny access to my shared-folder.
> By the way, A-machine could access to my shared-folder as before.
> If A-machine try to access after several minutes, from that moment,
> access
> denied.
>
> Is this problem due to session or other reasons?
> How should i solve this problem?
> Ask advice.
>
>