I mean this:
-
Monitoring a process just needs a TDI filter, tcpip.sys …
-
How to monitor all protocol drivers in the machine? How does Sygate firewall
do it?
Hook registerprotocol?
3. If a trojan is an NDIS Intermediate Driver, how to block it and monitor
its communication?
OK. Thanks a lot.
horace