What’s everyone’s opinion about the best type of network driver to stop
outbound traffic and still be able to get process name? Oh yeah, and it
should work on 98-2k3. I know LSP is an option but not a very good
option. Just wondering what everyone else prefers and what are the
advantages and disadvantages from people with real world experience.
For getting process information you must be ABOVE the kernel-mode TCP/IP
driver. This would be a TDI or AFD filter driver (kernel-mode) or a Winsock
LSP (user-mode).
See the Windows network architecture diagrams in the DDK. Or, the diagram at
NDIS.COM:
http://www.ndis.com/papers/winpktfilter.htm
Good luck,
Thomas F. Divine
http://www.rawether.net
“Mesdaq, Ali” wrote in message news:xxxxx@ntdev…
What’s everyone’s opinion about the best type of network driver to stop
outbound traffic and still be able to get process name? Oh yeah, and it
should work on 98-2k3. I know LSP is an option but not a very good
option. Just wondering what everyone else prefers and what are the
advantages and disadvantages from people with real world experience.
This is like you are asking for a product idea :). If you want to support
both 98 and NT family, it is certainly a long shot, and in this particular
case a Protocol driver that traps all the other protocol level processing is
an alternative, there’s a lot more though, and I’m afraid only a handful of
implementation(s) are tried :). Also it is not an extremely sound idea.
On the web you will find a lot of information(s), but some of them are
already taken offline, since those ideas turned out to be valuable business
opportunities, however ridiculous they might be :-). Those taken offline,
are now selling infrastructure libraries for it…
-pro
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Mesdaq, Ali
Sent: Thursday, April 29, 2004 3:51 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] Opinions about network driver
What’s everyone’s opinion about the best type of network driver to stop
outbound traffic and still be able to get process name? Oh yeah, and it
should work on 98-2k3. I know LSP is an option but not a very good
option. Just wondering what everyone else prefers and what are the
advantages and disadvantages from people with real world experience.
> This is like you are asking for a product idea :). If you want to support
> both 98 and NT family, it is certainly a long shot
The shot can be long enough for Win98 to die in progress
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com