Event Tracing for Windows with real time monitoring
*EVENT_TRACE_REAL_TIME_MODE* .
http://msdn.microsoft.com/en-us/library/windows/desktop/aa364083(v=vs.85).aspx
to build architecture in which it is required that an app must be run only
in presence of a particular driver, one option is ETW as mentioned above.
The link describes the available classes which you can monitor. ETW is
basically a diagnostic framework but we can use it for monitoring purposes.
On Mon, Dec 1, 2014 at 5:37 PM, Maxim S. Shatskih
wrote:
> You can’t.
>
> The main vulnerability of this stuff is not in “how to make a driver”.
> It is in a “how to prevent running the game with the driver being turned
> off”.
>
> “rohan kumbhar” wrote in message
> news:xxxxx@ntdev…
> To guard your game at runtime, you can control access to the game process
> by using ObRegisterCallbacks.
> you can control the desired access by fliping the access rights. This is
> one of the many options for process security.
>
> On Sun, Nov 30, 2014 at 8:18 AM, wrote:
>
>> In the end, an anti-cheat is only a good attempt at something impossible.
>>
>> —
>> NTDEV is sponsored by OSR
>>
>> Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev
>>
>> OSR is HIRING!! See http://www.osr.com/careers
>>
>> For our schedule of WDF, WDM, debugging and other seminars visit:
>> http://www.osr.com/seminars
>>
>> To unsubscribe, visit the List Server section of OSR Online at
>> http://www.osronline.com/page.cfm?name=ListServer
>>
>
>
> —
> NTDEV is sponsored by OSR
>
> Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev
>
> OSR is HIRING!! See http://www.osr.com/careers
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>