Reputation: 2274
How to hook into Windows network events
I would like to hook into certain windows network events, such as new incoming and outgoing connections.
What are the options? wmic, windows API?
Upvotes: 3
Views: 3424
Answers (3)
Reputation: 1809
Here is some tools to filter,modify,read packet in windows:
- WinDivert Free open source project work on Windows 7, 2008 or upper. network layer.
- WinpkFilter 3.0 Commercial, Windows XP and upper. datalink layer
- pcausa, Commercial. datalink layer
- Windows Filtering Platform Packet Modification Sample A sample to create callout driver that WinDivert use, you should now to implement kernel driver. network layer.
Upvotes: 1
Reputation:
You could inject a DLL that hooks send() and recv() into every process. The DLL would then also hook CreateProcess to inject itself into processes created in the future.
Upvotes: 2
Reputation: 34308
You could take a look at WinPcap:
http://www.winpcap.org/
"WinPcap is an open source library for packet capture and network analysis for the Win32 platforms."
http://www.winpcap.org/docs/docs_412/html/main.html
This is the library that programs like Wireshark uses to do all it's capturing with. http://www.winpcap.org/misc/features.htm
Upvotes: 3
Related Questions
- How can I listen for events in the Microsoft-Windows-NetworkProfile/Operational log?
- Windows event, when wifi connection attempt is made
- How to subscribe a specific network adapter connection event in .NET
- How to listen to windows events in C#?
- What is best way to raise application events for use with admin network monitoring tools
- How can I generate system wide events on Windows?
- Windows API Programming
- How do I hook another applications events?
- Catch network adapter up/down and address changed event (Windows, C#)
- How to receive event when network is connected and also when user logs in