Hi!
is it possible to send and recv packet directly from a NDIS intermediate driver? i mean, can i export a device object to win32 subsystem from my NDIS IM driver by calling IoCreateDevice and IoCreateSymbolic, and using ReadFile and WriteFile API from win32 subsystem to recv and send packets.
my motivation is to bypass some desktop firewall, such as zone alarm.
regards.
dong dawoo
¸Ï¿ì×¢²áÑÅ»¢³¬´óÈÝÁ¿Ãâ·ÑÓÊÏä?
http://cn.mail.yahoo.com
You are either 1) designing malware, or 2) designing an application poorly.
Applications should use the standard WinSock API. Firewalls are designed to
interoperate with those APIs, to detect and block / allow access to the
networking stack. If you design around this, you will either 1) make life
for your users difficult, 2) make your product *less* secure since now the
firewall cannot protect the user, or 3) make your product simply not work,
because you did not anticipate how a certain firewall product works, and it
*does* block your application’s access.
If you insist on this path, read the docs on NdisMRegisterDevice.
– arlie
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of identifier scorpio
Sent: Monday, March 27, 2006 10:38 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] is it possible to send and recv pkt directly from a NDIS
intermediate driver?
Hi!
is it possible to send and recv packet directly from a NDIS intermediate
driver? i mean, can i export a device object to win32 subsystem from my NDIS
IM driver by calling IoCreateDevice and IoCreateSymbolic, and using ReadFile
and WriteFile API from win32 subsystem to recv and send packets.
my motivation is to bypass some desktop firewall, such as zone alarm.
regards.
dong dawoo
?Ͽ?ע???Ż???
http://cn.mail.yahoo.com — Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256 To unsubscribe, visit the List
Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
neither malware nor application, it’s just technology. i found a sample in XP ddk
named ‘ndisuio’, which seems to have done the same thing that i want to do.
thanks for reply.
dong dawoo
Arlie Davis дµÀ£º
You are either 1) designing malware, or 2) designing an application poorly.
Applications should use the standard WinSock API. Firewalls are designed to
interoperate with those APIs, to detect and block / allow access to the
networking stack. If you design around this, you will either 1) make life
for your users difficult, 2) make your product less secure since now the
firewall cannot protect the user, or 3) make your product simply not work,
because you did not anticipate how a certain firewall product works, and it
does block your application’s access.
If you insist on this path, read the docs on NdisMRegisterDevice.
– arlie
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of identifier scorpio
Sent: Monday, March 27, 2006 10:38 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] is it possible to send and recv pkt directly from a NDIS
intermediate driver?
Hi!
is it possible to send and recv packet directly from a NDIS intermediate
driver? i mean, can i export a device object to win32 subsystem from my NDIS
IM driver by calling IoCreateDevice and IoCreateSymbolic, and using ReadFile
and WriteFile API from win32 subsystem to recv and send packets.
my motivation is to bypass some desktop firewall, such as zone alarm.
regards.
dong dawoo
__________________
¸Ï¿ì×¢²áÑÅ»¢³¬´óÈÝÁ¿Ãâ·ÑÓÊÏä?
http://cn.mail.yahoo.com — Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256 To unsubscribe, visit the List
Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
—
Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
---------------------------------
ÑÅ»¢1GÃâ·ÑÓÊÏä°Ù·Ö°Ù·ÀÀ¬»øÐÅ
ÑÅ»¢ÖúÊÖ-ËÑË÷¡¢É±¶¾¡¢·ÀɧÈÅ