[Winpcap-users] How to use WinpCap to capture SQL command send over NIC

Richard Horton richard.horton at solstans.co.uk
Wed Jul 16 20:39:07 GMT 2008

2008/7/16 Lam Hong Bac <lamhong.bac at gmail.com>:
> Dear All,
> I am new with winpcap. I am studying if we can use winpcap lib to capture
> packet send over NIC then filter (port, protocol) and parse it into SQL
> command

You can easily do that - however I can't help wondering why... could
you just turn on SQL logging on the server to capture the SQL requests
sent to the server?

Or for the client end, assuming a windows shop, turn odbc logging on?

WinPCAP though will do the job  - you'll just need to write your own
parser to turn the raw packets back into SQL commands (which might
include having to reassemble the tcp/upd fragements to get the whole

Richard Horton
Users are like a virus: Each causing a thousand tiny crises until the
host finally dies.
http://www.solstans.co.uk - Solstans Japanese Bobtails and Norwegian Forest Cats
http://www.pbase.com/arimus - My online photogallery

More information about the Winpcap-users mailing list