From my driver, I want to know if a third-party service (Microsoft FTP
Service) is currently running on the same machine. There doesn’t seem to be
any kernel-mode hooks into the SCM, and I couldn’t find the current state of
services anywhere in the registry.
Is there any easy way to do this?
The non-easy ways are:
– create a service which talks to the SCM and have a pipe to the
driver for that purpose
– open a kernel-mode socket to port 21 (FTP) to see if it’s alive
Thanks for any pointers!