473,750 Members | 2,209 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Monitoring and reacting to incoming and outgoing traffic.

Hello All.

If I where to capture network traffic, dropping packets and modifying
packets. I.e write firewall functionality. Which API or SDK would be the
correct choice? I would prefer to do it in .net.

Do I have to use the DDK package or is there any other way?

Im quite lost here.
--
Best regards Björn Olsson
Head of Technology
Centre for Business Solutions
Gothenburg School of Economics and Commercial Law
Feb 22 '06 #1
5 2402
Hello, Björn!

BO> If I where to capture network traffic, dropping packets and modifying
BO> packets. I.e write firewall functionality. Which API or SDK would be
BO> the correct choice? I would prefer to do it in .net.

Win PCAP library can be good start, however it is unmanaged.
( http://www.winpcap.org/ )

BO> Do I have to use the DDK package or is there any other way?

If you want to filter not only sockets traffic, then definetly DDK. You will have to write kernel-mode device driver.
If sockets traffic is okay for you you can stay on user mode and write LSP ( Layered Service Provider )

--
Regards, Vadym Stetsyak
www: http://vadmyst.blogspot.com
Feb 23 '06 #2
Thanks for your reply :)

I was looking into the PCAP documentation at first but found this in its FAQ:
"Q-17: Can I use WinPcap to drop the incoming packets? Is it possible to use
WinPcap to build a firewall?

A: No. WinPcap is implemented as a protocol, therefore it is able to capture
the packets, but it can't be used to drop them before they reach the
applications. The filtering capabilities of WinPcap work only on the sniffed
packets. In order to intercept the packets before the TCP/IP stack, you must
create an intermediate driver.
"

Will I be able to to drop and modify packets with a LAyered Service Provider?
Can you point me in some direction where I can find more information on LSP?

--
Best regards Björn Olsson
Head of Technology
Centre for Business Solutions
Gothenburg School of Economics and Commercial Law
"Vadym Stetsyak" wrote:
Hello, Björn!

BO> If I where to capture network traffic, dropping packets and modifying
BO> packets. I.e write firewall functionality. Which API or SDK would be
BO> the correct choice? I would prefer to do it in .net.

Win PCAP library can be good start, however it is unmanaged.
( http://www.winpcap.org/ )

BO> Do I have to use the DDK package or is there any other way?

If you want to filter not only sockets traffic, then definetly DDK. You will have to write kernel-mode device driver.
If sockets traffic is okay for you you can stay on user mode and write LSP ( Layered Service Provider )

--
Regards, Vadym Stetsyak
www: http://vadmyst.blogspot

Feb 23 '06 #3
Hello, Björn!

BO> Will I be able to to drop and modify packets with a LAyered Service
BO> Provider?

yes

BO> Can you point me in some direction where I can find more information on
BO> LSP?

( http://www.microsoft.com/msj/0599/La...edService.aspx )
( http://www.ndis.com/papers/winpktfilter.htm )
( http://www.ndis.com/papers/winpktfilter.htm#WinsockLSP )
( http://www.ndis.com/papers/winpktfil...ilterInterface )
--
Regards, Vadym Stetsyak
www: http://vadmyst.blogspot.com
Feb 23 '06 #4
Thanks again for all the info. :)
Ive managed to read through it now and downloaded the latest windows server
2003 DDK. However I cant find anything named Layered services on the cd. :(
Have I gone blind?

--
Best regards Björn Olsson
Head of Technology
Centre for Business Solutions
Gothenburg School of Economics and Commercial Law
"Vadym Stetsyak" wrote:
Hello, Björn!

BO> Will I be able to to drop and modify packets with a LAyered Service
BO> Provider?

yes

BO> Can you point me in some direction where I can find more information on
BO> LSP?

( http://www.microsoft.com/msj/0599/La...edService.aspx )
( http://www.ndis.com/papers/winpktfilter.htm )
( http://www.ndis.com/papers/winpktfilter.htm#WinsockLSP )
( http://www.ndis.com/papers/winpktfil...ilterInterface )
--
Regards, Vadym Stetsyak
www: http://vadmyst.blogspot

Feb 23 '06 #5
Hello, Björn!

BO> Thanks again for all the info. :)
BO> Ive managed to read through it now and downloaded the latest windows
BO> server 2003 DDK. However I cant find anything named Layered services on
BO> the cd. :( Have I gone blind?

Nope, LSP is not a part of DDK, LSPs are user mode applications.
Take a look ( http://www.microsoft.com/msj/0599/La...edService.aspx )
especially code sample, it is a good start point

--
Regards, Vadym Stetsyak
www: http://vadmyst.blogspot.com
Feb 23 '06 #6

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
6
6226
TCP/IP Monitoring in .NET
by: Randal | last post by:
Does anyone have a code sample of how one would "listen" to a TCP/IP session between an application on the local machine and a remote host. I'm looking for code that would allow me to specify a local IP and a local port which is already in use by another application (outside of my control) and simply watch the traffic. I know there are open source packet analyzers available
.NET Framework
0
1112
Monitoring ports with service app question
by: Ron Vecchi | last post by:
I would like to create a Windows service that monitors and logs all of the incoming traffic into my computer on all open ports. I've read examples where if you know the port you want to monitor this can be acheived. But I would like to listen on every one. Is this possible? Any suggestions/examples? Thanks, Ron Vecchi
C# / C Sharp
7
5135
"Redirecting" an incoming socket connection?
by: Adam Clauss | last post by:
I am trying to work-around a firewall which limits me to only being able to accept inbound connections on port 80. Unfortunately, I need to two different applications to be able to accept connections. I know of no "standard" way to make this work (and, its quite possible that I am on the totally wrong track here and there just isn't a way to do this). I am trying to determine if it would be possible to write a 'gateway' program that...
C# / C Sharp
1
4896
How to receive all incoming and outgoing network packets in C#
by: | last post by:
I cannot handle this.I can receive incoming but I cannot detect outgoing packets. I am using Windows XP no SP present. Thanks a lot for answers.
C# / C Sharp
7
10016
Incoming Outgoing Bandwidth Traffic
by: Smartbomb | last post by:
Hey guys and gals, I was wondering how I could do a bandwidth traffice moniter on incoming and outgoing traffic on a network card. is there a simple way to moniter and record the traffic? I know of performance counter but did not get it working. Thanks for the help in advance. -Smartbomb
Visual Basic .NET
7
4365
Writing monitoring program VC++
by: mojtaba_danai | last post by:
Hi Hope that some one can help with the following. I wish to write a Visual C++ program, which monitors 3-4 other services (process/programs also written in VC++). The program shall monitor, if the other processes are alive and to see, if they are sending heartbeat messages. I wish to do this for exampel via socket programming. Can any one tell me, the structure og guideline for this?
C / C++
0
1192
Re-routing outgoing net traffic
by: Felf | last post by:
What I'm trying to do re-route all my network traffic to a remote computer - similar to a proxy service in a web browser, but I want to use my program to re-route ALL traffic coming out of my computer to a remote host (which will then forward it to it's final destination). The purpose of this is to build a network for increased anonimity - similar to the TOR network, but on a smaller scale (within a local network, to mask - or fake - the...
Visual Basic 4 / 5 / 6
0
1076
Monitoring data flow!
by: mathew88 | last post by:
Hi, i have just finished my first year of uni! w00t. Now i wat to make a program in C to monitor outgoing and incoming traffic from the web. Basically i want to make a small program that keeps track of my download usage. I am not sure as to how i can monitor the traffic. Can someone help me here? Do i need to monitor data on individual ports? (eg: port 80, 81 etc) And how can i do this? Cheers!!!
C / C++
0
1222
Solutions Fast Track - Monitoring and Intrusion
by: origami.takarana | last post by:
Dear Reader, Designing for Detection ---------------------------- - Get the right equipment from the start. Make sure all of the features you need, or will need, are available from the start. - Know your environment. Identify potential physical barriers and
PHP
0
8999
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
General
0
9394
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
Online Marketing
0
9256
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
General
0
8260
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
Career Advice
1
6803
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
Microsoft Access / VBA
0
6080
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
C# / C Sharp
0
4712
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
Networking - Hardware / Configuration
0
4885
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
2
2798
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us