[Winpcap-users] How to use WinpCap to capture SQL command send
over NIC
Richard Horton
richard.horton at solstans.co.uk
Wed Jul 16 20:39:07 GMT 2008
2008/7/16 Lam Hong Bac <lamhong.bac at gmail.com>:
> Dear All,
>
> I am new with winpcap. I am studying if we can use winpcap lib to capture
> packet send over NIC then filter (port, protocol) and parse it into SQL
> command
>
You can easily do that - however I can't help wondering why... could
you just turn on SQL logging on the server to capture the SQL requests
sent to the server?
Or for the client end, assuming a windows shop, turn odbc logging on?
WinPCAP though will do the job - you'll just need to write your own
parser to turn the raw packets back into SQL commands (which might
include having to reassemble the tcp/upd fragements to get the whole
packet)...
--
Richard Horton
Users are like a virus: Each causing a thousand tiny crises until the
host finally dies.
http://www.solstans.co.uk - Solstans Japanese Bobtails and Norwegian Forest Cats
http://www.pbase.com/arimus - My online photogallery
More information about the Winpcap-users
mailing list