Author | Message | Time |
---|---|---|
leax | hi just wondering if anyone know how to "efficiently" map captured TCP/IP packets to their intended owner Process such as war3.exe right now i m polling APIs thats similar to "netstat -aon" to get a list of connections and matching up the packet IP/Port to that result of netstat, but its kinda slow and depending on the polling interval, some connection just never get detected leaving some packets orphaned of its process owner so any pros out there would plz shed on light on the topic? thanks in advance oh for some background info, i m doing this in vb.net under windows, using raw socket for basic packet sniffing and IPHelper "iphlpapi.dll" WIN32 API for getting netstat informations | June 20, 2006, 11:56 AM |
Myndfyr | How are you capturing packets? | June 20, 2006, 4:15 PM |
leax | System.Net.Sockets with SocketType set to RAW | June 21, 2006, 2:11 AM |