Hy guys,
I am trying make simple program and I have some problems. Program will monitor sockets allocated of processess, allow/deny connection.
My questions:
These information are very important for me.
Thanks for any response.
If sockets is only as deep as you want to go, then you should
probably look at writing a Winsock layered service provider - see
MSDN. This is all done in user mode and is comparatively easy.
If, however, you are also looking to explore connection established
from kernel mode, then other not so easy solutions will need to be explored.
At 20:54 29/06/2010, xxxxx@gmail.com wrote:
Hy guys,
I am trying make simple program and I have some problems. Program
will monitor sockets allocated of processess, allow/deny connection.
My questions:
- how to find out opened sockets of process?
- how to allow/deny connection of the socket?
These information are very important for me.
Thanks for any response.
> 1) how to find out opened sockets of process?
Some IPHelper calls? look at how “netstat -b” works.
- how to allow/deny connection of the socket?
Windows Filtering Platform can help you.
–
Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com