How to create a Winsock filter driver

Hi,

I would like to create a cryptographic module at the kernel level as a
driver to encrypt the data coming from some applications. We can do that by
implementing it as an NDIS filter driver sitting on top of the Ethernet driver
and beneath TCP/IP (tcpip.sys). But is it possible for us to preprocess the
data before sending it to the TCP/IP protocol stack (tcpip.sys)? I hope we can
do that using TDI, but I am not sure about it. Can someone give me some info
about the possible ways of doing this?

Thanks,

Bhanu Gogineni.



I believe you can do this in user-mode with a Winsock LSP, but anybody
who can get to TCP/IP via a non-Winsock method will get by you.



Nick Ryan (MVP for DDK)

The Windows Network Data and Packet Filtering page at NDIS.com provides a
starting point. See the URL:

http://www.ndis.com/papers/default.htm

Good luck,

Thomas F. Divine
www.pcausa.com


Hi Ryan,

Thanks for the info. The applications from which I will be expecting the
network data will be using the Winsock library. So, I have to design a driver
which will attach to the existing protocol stack somewhere, so that it could
encrypt the application data.

Regards,

Bhanu Gogineni.

From: Nick Ryan
>Reply-To: “Windows System Software Devs Interest List”
>
>To: “Windows System Software Devs Interest List”
>Subject: [ntdev] Re: How to create a Winsock filter driver
>Date: Tue, 16 Sep 2003 15:59:58 -0700
>
>I believe you can do this in user-mode with a Winsock LSP, but anybody who
>can get to TCP/IP via a non-Winsock method will get by you.

In that case, it looks like you can get away with an LSP instead of a
filter in kernel-mode. It’s always easier to code in user-mode if you
can get away with it. Think hard about if you’ll need to extend your
filtering beyond Winsock some day, however; if so, you’ll be in for a
big re-write.



Nick Ryan (MVP for DDK)

On Tue, 2003-09-16 at 17:24, Bhanu Gogineni wrote:

> Hi,
>
> I would like to create a cryptographic module at the kernel level as a
> driver to encrypt the data coming from some applications. We can do that by
> implementing it as an NDIS filter driver sitting on top of the Ethernet
> driver and beneath TCP/IP (tcpip.sys). But is it possible for us to
> preprocess the data before sending it to the TCP/IP protocol stack
> (tcpip.sys)? I hope we can do that using TDI, but I am not sure about it.
> Can someone give me some info about the possible ways of doing this?

You could hook \Device\Tcp, \Device\Udp, and \Device\RawIP, which is a
tricky operation. That is, however, the only way to catch all TCP/IP.
Anywhere higher and you will start to miss some traffic. For example, I
believe James Antognini’s kernel-mode TDI client sample driver directly
opens \Device\Tcp.

-sd

NDIS IM has no access to what process has originated what packet, note this.

Do you want some VPN-like (PPP over IP or TCP) solution? Then write a driver
with CoWAN miniport upper edge and TDI client lower edge.

Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com


Hi Maxim,

Thanks for your reply. Yes, I want to do something VPN-like (PPP over IP or
TCP). I am not clear about the CoWAN miniport upper edge and TDI client lower
edge. If you could give some more info about this, that would be great.
The purpose of the driver is to encrypt the data coming from the applications.

Regards,

Bhanu Gogineni.

From: “Maxim S. Shatskih”
>Reply-To: “Windows System Software Devs Interest List”
>
>To: “Windows System Software Devs Interest List”
>Subject: [ntdev] Re: How to create a Winsock filter driver
>Date: Wed, 17 Sep 2003 14:54:02 +0400
>
>NDIS IM has no access to what process has originated what packet, note this.
>
>Do you want some VPN-like (PPP over IP or TCP) solution? Then write a driver
>with CoWAN miniport upper edge and TDI client lower edge.

Read the MSDN Library on both TDI clients and NDIS CoWAN miniports.

Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com

----- Original Message -----
From: “Bhanu Gogineni”
To: “Windows System Software Devs Interest List”
Sent: Thursday, September 18, 2003 11:39 PM
Subject: [ntdev] Re: How to create a Winsock filter driver

> Hi Maxim,
>
> Thanks for your reply. Yes, I want to do something VPN-like (PPP over IP or
> TCP). I am not clear about the CoWAN miniport upper edge and TDI client lower
> edge. If you could give some more info about this, that would be great.
> The purpose of the driver is to encrypt the data coming from the applications.
>
> Regards,
>
> Bhanu Gogineni.