Hello Tony,
no, no Tony, i’ve never said you’re lame or that OSR stuff is lame.
that simply wouldn’t be true. please read the original email once again.
or don’t waste your time, simply take it as i write.
my point never was about hooking versus not-hooking (i simply don’t
care, a lot of commercial products hooks, i grew up on dos, where
hooking was a standard thing. i don’t say that hooking is the main
method, but when it has its needed i’m not against its usage), c versus
c++ or such. the irptracker was chosen only to support the following
and because the OP asked about irp tracking.
my point ever was (and you can read some of my posts earlier on
this list) that some knowledgeable people here answer OP’s
“not-so-clever” questions in a very unlucky way making the OP lame for
even asking. yep, they should first read the manual, they should gain
some knowledge about NT, i did it, we all did it that way. but why to
make fun of them? why not just simply ignore the posts?
for example is funny to see when some OP visibly from india asks some
not very clever question about coding for NT, almost everytime the
outsourcing in a way like: “look, people are dumb to outsorce to these
progammers” is taken to mouth. well it’s not funny at all.
and i could continue like that.
think what you want, i don’t care, but please don’t write answers that
simply must lower my opinion about you even though i really admire
your knowledge.
–
Best regards,
Ivona Prenosilova
Attach a filter to the object.
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com
----- Original Message -----
From: “shark marian”
To: “Windows System Software Devs Interest List”
Sent: Sunday, December 12, 2004 3:08 PM
Subject: RE:[ntdev] How to hook the function IoCallDriver?
> because i want to track all the irp that it send to the object,i want
> to know all the irp ,so i want to hook the IoCallDriver,and then i can get
> all the irp and all the object that receive the irp.
>
> _________________________________________________________________
> ??? MSN Explorer: http://explorer.msn.com/lccn
>
>
> —
> Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
Ok. Calm down guys. We are all here to learn and I am the first to be
taught. What is a great book about how NT works. Any recommendations? I
want the best of the best if possible.
Thanks a lot.
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Dan Partelly
Sent: Sunday, December 12, 2004 7:56 AM
To: Windows System Software Devs Interest List
Subject: Re: RE:[ntdev] How to hook the function IoCallDriver?
Whats wrong using for this a classical filter driver ? This is the
correct
solution
to your problem, not a fantesist aproach like hooking a kernel API. May
I
suggest you learning how NT works internally ?
Dan
----- Original Message -----
From: “shark marian”
To: “Windows System Software Devs Interest List”
Sent: Sunday, December 12, 2004 2:08 PM
Subject: RE:[ntdev] How to hook the function IoCallDriver?
> because i want to track all the irp that it send to the object,i
want
> to know all the irp ,so i want to hook the IoCallDriver,and then i can
get
> all the irp and all the object that receive the irp.
>
> _________________________________________________________________
> ??? MSN Explorer: http://explorer.msn.com/lccn
>
>
> —
> Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@rdsor.ro
> To unsubscribe send a blank email to xxxxx@lists.osr.com
—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@cse.psu.edu
To unsubscribe send a blank email to xxxxx@lists.osr.com