[Winpcap-users] Using Winpcap to list active network sessions

Turki Al-Ibrahim turkiad at gmail.com
Sat Feb 20 04:11:04 PST 2010 

Thanks for the reply.

I'm developing a small tool that displays active network sessions (like what
the output of netstat -ba looks like), this is actually my bachelor
graduation project.

I've been testing IP helper (Thanks to you guys), and managed to get active
netowrk sessions using GetTcpTable.

However, I would like to mention about How to extract the same information
using Winpcap in the Literature review section.

Can you be kind enough to point me to the right direction on how to get more
info about what you mentioned "decoding the captured packets and recognizing
the IP/TCP connections"?

Thanks & Regards.

On Wed, Feb 17, 2010 at 1:10 AM, Gianluca Varenni <
gianluca.varenni at cacetech.com> wrote:

>  WinPcap captures packets, it doesn't directly lists the network session.
> You can obtain a similar information by decoding the captured packets and
> recognizing the IP/TCP connections. What's the problem that you are trying
> to solve? If all you need is the list of TCP sessions and you work on
> Windows only, I think the Microsoft IP helper API should give you what you
> need.
>
> Have a nice day
> GV
>
>  *From:* Turki Al-Ibrahim <turkiad at gmail.com>
> *Sent:* Tuesday, February 16, 2010 8:47 AM
> *To:* winpcap-users at winpcap.org
> *Subject:* [Winpcap-users] Using Winpcap to list active network sessions
>
> Hi,
>
> I'm trying to develop an application that lists active network sessions in
> a machine, something like netstat but I'm wondering if it is possible to get
> the same result using winpcap API?
>
> Thanks.
>
> --
> Taylor
>
>  ------------------------------
>
> _______________________________________________
> Winpcap-users mailing list
> Winpcap-users at winpcap.org
> https://www.winpcap.org/mailman/listinfo/winpcap-users
>
> _______________________________________________
> Winpcap-users mailing list
> Winpcap-users at winpcap.org
> https://www.winpcap.org/mailman/listinfo/winpcap-users
>
>


-- 
Turki M. Al-Ibrahim
turkim (at) gmail  com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.winpcap.org/pipermail/winpcap-users/attachments/20100220/396b256e/attachment.htm

More information about the Winpcap-users mailing list