[Winpcap-users] using Network Monitor versus WinPCap for real timenetwork usage statistics monitoring/capture?

Greg Hauptmann greg.hauptmann.ruby at gmail.com
Sat Jul 10 03:32:35 PDT 2010 

Having a few issues digesting the info - mind if I ask:

1) Re trying to access MIB_TCPSTATS (for GetTcpStatistics) & MIB_TCPTABLE
(for GetExtendedTcpTable) do you know how to find out where these reside on
a Windows PC (i.e. whereabouts in the MIB hierarchy)?  That is, noting I'm
running OidViewProfessional how would I navigate to these MIBs to see what
my current PC is storing in values? (i.e. to see what sort of values are in
there)

2) Re "do it by looking up remote IP address/port/protocol information in
the OS's table of sockets to see what process, if any, has that socket" - do
I assume by this you mean access the above-mentioned MIBs via use of the
above-mentioned IP Helper Functions?    I can't see from the doco how these
tables would be used to obtain per application/process network usage
figures?  It would be great if you could clarify what you mean by this in a
little more detail?f  i.e. what doco are you reading whereby it would give
the clarity that it is possible to get access to per application/process
network usage statistics?


thanks



On 10 July 2010 12:26, Greg Hauptmann <greg.hauptmann.ruby at gmail.com> wrote:

> thanks - I'll try to dig into this info
>
>
> On 10 July 2010 11:19, Guy Harris <guy at alum.mit.edu> wrote:
>
>>
>> On Jul 9, 2010, at 4:29 PM, Guy Harris wrote:
>>
>> > to fetch the TCP and UDP connection tables:
>> >
>> >       http://msdn.microsoft.com/en-us/library/aa366344(v=VS.85).aspx
>> >
>> >       http://msdn.microsoft.com/en-us/library/aa366026(v=VS.85).aspx
>> >
>> >       http://msdn.microsoft.com/en-us/library/aa366033(v=VS.85).aspx
>>
>> And
>>
>>        http://msdn.microsoft.com/en-us/library/aa365928(VS.85).aspx
>>
>>        http://msdn.microsoft.com/en-us/library/aa365930(VS.85).aspx
>>
>> _______________________________________________
>> Winpcap-users mailing list
>> Winpcap-users at winpcap.org
>> https://www.winpcap.org/mailman/listinfo/winpcap-users
>>
>
>
>
> --
> Greg
> http://blog.gregnet.org/
>
>
>


-- 
Greg
http://blog.gregnet.org/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.winpcap.org/pipermail/winpcap-users/attachments/20100710/b881a78b/attachment.htm

More information about the Winpcap-users mailing list