[Winpcap-users] using Network Monitor versus WinPCap for realtimenetwork usage statistics monitoring/capture?

Gianluca Varenni gianluca.varenni at cacetech.com
Fri Jul 9 16:23:36 PDT 2010 

As I said, the IP helper API provides such information, as far as I know. Otherwise you would need to write some lightweight filter driver (I think that's the name of the technology, it changes between different windows versions)  that will basically interact with the TCP/IP stack and provide you such information.

Have a nice day
GV


From: Greg Hauptmann 
Sent: Friday, July 09, 2010 4:13 PM
To: winpcap-users at winpcap.org 
Subject: Re: [Winpcap-users] using Network Monitor versus WinPCap for realtimenetwork usage statistics monitoring/capture?


thanks Gianluca 


Any other ideas (noting Q1 answer) re how to monitor/track network usage on a per PC application/process basis then?   Is it perhaps an unachievable thing?




On 10 July 2010 02:11, Gianluca Varenni <gianluca.varenni at cacetech.com> wrote:

  1. WinPcap does not provide any information as to which process transmitted a specific packet. It's possible to get such information (for TCP/UDP connections) with the IP helper APIs, and correlate it with the packets. In any case, if the traffic is for example generated by WinPcap, the IP helper API would not help.
  2. Supported
  3. Supported
  4. It won't slow down internet browsing, but it might slow down the machine. At the end of the story, you are running another application on the system. If the application is CPU/disk intensive (e.g. becuase it dumps every packet to disk) then the whole system would slow down.
  5. WinPcap just provides packets. The application is in charge of saving the collected data in a way that another application can read such data.
  6. WinPcap needs to be installed separately (there is no silent installer). If you need to embed WinPcap into a commercial application and do not want to install WinPcap separately, you can also opt for WinPcap Professional http://www.cacetech.com/products/winpcap_pro.html

  Have a nice day
  GV


  From: Greg Hauptmann 
  Sent: Wednesday, July 07, 2010 11:16 PM
  To: winpcap-users at winpcap.org 
  Subject: [Winpcap-users] using Network Monitor versus WinPCap for real timenetwork usage statistics monitoring/capture?


  Hi,
  I have some requirements I would like to implement, see below.  My questions are:

  a) would I be able to use WinPCap to implement these requirements?

  b) I'm aware of Microsoft Network Monitor also - anyone across this as well that would be in a position to suggest which direction I should start going?



  Requirements


  1. Allow collection / real-time-monitoring of network usage from a users Windows PC to a specific set of IP addresses (or DNS names), on a per application/process running on the PC point of view, differentiating between "up" and "down" traffic.  For example: show how much network traffic has been used (sending to the configured set of IP addresses/DNS names) for each PC process/application for the day so far.

  2. Solution should run on the PC that the user is utilising (i.e. not require setup of software on a separate PC)

  3. For Windows PC (e.g. XP, Vista, Windows 7)

  4. Shouldn't cause noticeable performance hit for the users (e.g. slow down internet browsing)

  5. Would want the data collected stored on the PC in a manner that a GUI program (e.g. C# WPF app) could access for displaying to user.

  6. If possible ability to satisfy with only one application download/install (i.e. if possible no dependency on the user pre-installing another application)

  Have a nice day
  GV



  thanks





------------------------------------------------------------------------------


  _______________________________________________
  Winpcap-users mailing list
  Winpcap-users at winpcap.org
  https://www.winpcap.org/mailman/listinfo/winpcap-users



  _______________________________________________
  Winpcap-users mailing list
  Winpcap-users at winpcap.org
  https://www.winpcap.org/mailman/listinfo/winpcap-users





-- 
Greg 
http://blog.gregnet.org/





--------------------------------------------------------------------------------


_______________________________________________
Winpcap-users mailing list
Winpcap-users at winpcap.org
https://www.winpcap.org/mailman/listinfo/winpcap-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.winpcap.org/pipermail/winpcap-users/attachments/20100709/46946380/attachment-0001.htm

More information about the Winpcap-users mailing list