thanks Gianluca<div><br></div><div>Any other ideas (noting Q1 answer) re how to monitor/track network usage on a per PC application/process basis then? Is it perhaps an unachievable thing?</div><div><br></div><div><br><div class="gmail_quote">
On 10 July 2010 02:11, Gianluca Varenni <span dir="ltr"><<a href="mailto:gianluca.varenni@cacetech.com">gianluca.varenni@cacetech.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div style="padding-left:10px;padding-right:10px;padding-top:15px" name="Compose message area">
<div><font face="Calibri">1. <font color="#000000" size="3" face="Calibri">WinPcap does
not provide any information as to which process transmitted a specific packet.
It's possible to get such information (for TCP/UDP connections) with the IP
helper APIs, and correlate it with the packets. In any case, if the traffic is
for example generated by WinPcap, the IP helper API would not
help.</font></font></div>
<div><font face="Calibri">2. Supported</font></div>
<div><font face="Calibri">3. Supported</font></div>
<div><font face="Calibri">4. <font color="#000000" size="3" face="Calibri">It won't slow
down internet browsing, but it might slow down the machine. At the end of the
story, you are running another application on the system. If the application is
CPU/disk intensive (e.g. becuase it dumps every packet to disk) then the whole
system would slow down.</font></font></div>
<div><font face="Calibri">5. <font color="#000000" size="3" face="Calibri">WinPcap just
provides packets. The application is in charge of saving the collected data in a
way that another application can read such data.</font></font></div>
<div><font face="Calibri">6. WinPcap needs to be installed separately (there is no
silent installer). If you need to embed WinPcap into a commercial application
and do not want to install WinPcap separately, you can also opt for WinPcap
Professional <a href="http://www.cacetech.com/products/winpcap_pro.html" target="_blank">http://www.cacetech.com/products/winpcap_pro.html</a></font></div>
<div><font face="Calibri"></font> </div>
<div><font face="Calibri">Have a nice day</font></div>
<div><font face="Calibri">GV</font></div>
<div style="font:10pt Tahoma">
<div><br></div>
<div style="background:#f5f5f5">
<div><b>From:</b> <a title="mailto:greg.hauptmann.ruby@gmail.com
CTRL + Click to follow link" href="mailto:greg.hauptmann.ruby@gmail.com" target="_blank">Greg Hauptmann</a> </div>
<div><b>Sent:</b> Wednesday, July 07, 2010 11:16 PM</div>
<div><b>To:</b> <a title="mailto:winpcap-users@winpcap.org
CTRL + Click to follow link" href="mailto:winpcap-users@winpcap.org" target="_blank">winpcap-users@winpcap.org</a> </div>
<div><b>Subject:</b> [Winpcap-users] using Network Monitor versus WinPCap for
real timenetwork usage statistics monitoring/capture?</div></div></div><div><div></div><div class="h5">
<div><br></div>
<div><span style="line-height:13px;font-family:'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif;color:rgb(51,51,51);font-size:11px">Hi,</span></div>
<div><span style="line-height:13px;font-family:'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif;color:rgb(51,51,51);font-size:11px">
<p style="border-bottom:0px;border-left:0px;padding-bottom:0px;list-style-type:none;margin:1em 0px;padding-left:0px;outline-width:0px;padding-right:0px;font-family:inherit;border-top:0px;border-right:0px;text-decoration:none;padding-top:0px">
I
have some requirements I would like to implement, see below. My questions
are:</p>
<p style="border-bottom:0px;border-left:0px;padding-bottom:0px;list-style-type:none;margin:1em 0px;padding-left:0px;outline-width:0px;padding-right:0px;font-family:inherit;border-top:0px;border-right:0px;text-decoration:none;padding-top:0px">
a)
would I be able to use WinPCap to implement these requirements?</p>
<p style="border-bottom:0px;border-left:0px;padding-bottom:0px;list-style-type:none;margin:1em 0px;padding-left:0px;outline-width:0px;padding-right:0px;font-family:inherit;border-top:0px;border-right:0px;text-decoration:none;padding-top:0px">
b)
I'm aware of Microsoft Network Monitor also - anyone across this as well that
would be in a position to suggest which direction I should start going?</p>
<p style="border-bottom:0px;border-left:0px;padding-bottom:0px;list-style-type:none;margin:1em 0px;padding-left:0px;outline-width:0px;padding-right:0px;font-family:inherit;border-top:0px;border-right:0px;text-decoration:none;padding-top:0px">
</p>
<p style="border-bottom:0px;border-left:0px;padding-bottom:0px;list-style-type:none;margin:1em 0px;padding-left:0px;outline-width:0px;padding-right:0px;font-family:inherit;border-top:0px;border-right:0px;text-decoration:none;padding-top:0px">
Requirements</p>
<p style="border-bottom:0px;border-left:0px;padding-bottom:0px;list-style-type:none;margin:1em 0px;padding-left:0px;outline-width:0px;padding-right:0px;font-family:inherit;border-top:0px;border-right:0px;text-decoration:none;padding-top:0px">
</p>
<p style="border-bottom:0px;border-left:0px;padding-bottom:0px;list-style-type:none;margin:1em 0px;padding-left:0px;outline-width:0px;padding-right:0px;font-family:inherit;border-top:0px;border-right:0px;text-decoration:none;padding-top:0px">
1.
Allow collection / real-time-monitoring of network usage from a users Windows PC
to a specific set of IP addresses (or DNS names), on a per application/process
running on the PC point of view, differentiating between "up" and "down"
traffic. For example: show how much network traffic has been used (sending
to the configured set of IP addresses/DNS names) for each PC process/application
for the day so far.</p>
<p style="border-bottom:0px;border-left:0px;padding-bottom:0px;list-style-type:none;margin:1em 0px;padding-left:0px;outline-width:0px;padding-right:0px;font-family:inherit;border-top:0px;border-right:0px;text-decoration:none;padding-top:0px">
2.
Solution should run on the PC that the user is utilising (i.e. not require setup
of software on a separate PC)</p>
<p style="border-bottom:0px;border-left:0px;padding-bottom:0px;list-style-type:none;margin:1em 0px;padding-left:0px;outline-width:0px;padding-right:0px;font-family:inherit;border-top:0px;border-right:0px;text-decoration:none;padding-top:0px">
3.
For Windows PC (e.g. XP, Vista, Windows 7)</p>
<p style="border-bottom:0px;border-left:0px;padding-bottom:0px;list-style-type:none;margin:1em 0px;padding-left:0px;outline-width:0px;padding-right:0px;font-family:inherit;border-top:0px;border-right:0px;text-decoration:none;padding-top:0px">
4.
Shouldn't cause noticeable performance hit for the users (e.g. slow down
internet browsing)</p>
<p style="border-bottom:0px;border-left:0px;padding-bottom:0px;list-style-type:none;margin:1em 0px;padding-left:0px;outline-width:0px;padding-right:0px;font-family:inherit;border-top:0px;border-right:0px;text-decoration:none;padding-top:0px">
5.
Would want the data collected stored on the PC in a manner that a GUI program
(e.g. C# WPF app) could access for displaying to user.</p>
<p style="border-bottom:0px;border-left:0px;padding-bottom:0px;list-style-type:none;margin:1em 0px;padding-left:0px;outline-width:0px;padding-right:0px;font-family:inherit;border-top:0px;border-right:0px;text-decoration:none;padding-top:0px">
6.
If possible ability to satisfy with only one application download/install (i.e.
if possible no dependency on the user pre-installing another
application)</p></span></div>
</div></div><div><span style="line-height:13px;font-family:'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif;color:rgb(51,51,51);font-size:11px">Have a nice day</span></div>
<div><span style="line-height:13px;font-family:'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif;color:rgb(51,51,51);font-size:11px">GV</span></div>
<div><span style="line-height:13px;font-family:'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif;color:rgb(51,51,51);font-size:11px"><font color="#000000" size="3" face="Calibri"></font> </span></div>
<div style="padding-bottom:0px;border-right-width:0px;margin:0px;padding-left:0px;outline-width:0px;padding-right:0px;font-family:inherit;border-top-width:0px;border-bottom-width:0px;border-left-width:0px;padding-top:0px">
<br></div>
<div style="padding-bottom:0px;border-right-width:0px;margin:0px;padding-left:0px;outline-width:0px;padding-right:0px;font-family:inherit;border-top-width:0px;border-bottom-width:0px;border-left-width:0px;padding-top:0px">
thanks</div>
<div><br><br></div>
<p>
</p><hr>
<p></p>_______________________________________________<br>Winpcap-users mailing
list<br><a href="mailto:Winpcap-users@winpcap.org" target="_blank">Winpcap-users@winpcap.org</a><br><a href="https://www.winpcap.org/mailman/listinfo/winpcap-users" target="_blank">https://www.winpcap.org/mailman/listinfo/winpcap-users</a><br>
<p></p></div>
<br>_______________________________________________<br>
Winpcap-users mailing list<br>
<a href="mailto:Winpcap-users@winpcap.org">Winpcap-users@winpcap.org</a><br>
<a href="https://www.winpcap.org/mailman/listinfo/winpcap-users" target="_blank">https://www.winpcap.org/mailman/listinfo/winpcap-users</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br>Greg <br><a href="http://blog.gregnet.org/">http://blog.gregnet.org/</a><br><br><br>
</div>