[Winpcap-bugs] Re: [Enhancement] A driver to capture PPP frames
(cookbook)
Piotr Podsiadły
p.podsiadly at gmail.com
Fri Oct 24 06:42:05 GMT 2008
Hi,
It is me again.
I forgot to add that I am using one socket listener which works fine for me.
It works only on single process but it is fine for me. You can add info
about this in FAQ, maybe someone will like it as well.
Description
===========
SocketSniff allows you to watch the Windows Sockets (WinSock) activity of
the selected process.
For each created socket, the following information is displayed: socket
handle, socket type, local and remote addresses, local and remote ports,
total number of send/receive bytes, and more. You can also watch the
content of each send or receive call, in Ascii mode or as Hex Dump.
Using SocketSniff In Windows Vista
==================================
SocketSniff can work in Vista even when UAC (User Account Control) is
turned on, as long as the process that you wish to inspect run in the
same account and security context of SocketSniff. However, if you want to
inspect a process that runs under administrator account, you must also
run SocketSniff as administrator. (right-click on SocketSniff.exe and
choose 'Run As Administrator')
2008/10/23 Piotr Podsiadły <p.podsiadly at gmail.com>
> Hi,
>
> In FAQ you wrote that "the NDIS binding process that prevent a protocol
> driver from working properly on WAN adapters"
>
> I searched for "Vista PPP capture" and I found this:
>
> http://msdn.microsoft.com/en-us/library/bb404173(VS.85).aspx
>
> with is a cookbook for creating driver to capture PPP frames.
>
> Is this useful, have you read this already? I am not the network expert,
> but it seems to be explained in details how to write driver to capture PPP
> frames.
>
> Best regards
> Peter Podsiadly
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.winpcap.org/pipermail/winpcap-bugs/attachments/20081024/9cb17e2d/attachment.htm
More information about the Winpcap-bugs
mailing list