• Welcome to Valhalla Legends Archive.
 

anyone got idea on TCP Packet to Process Name (or PID) mapping

Started by leax, June 20, 2006, 06:56 AM

Previous topic - Next topic

leax

hi
just wondering if anyone know how to "efficiently" map captured  TCP/IP packets to their intended owner Process such as war3.exe
right now i m polling APIs thats similar to "netstat -aon" to get a list of connections and matching up the packet IP/Port to that result of netstat, but its kinda slow and depending on the polling interval, some connection just never get detected leaving some packets orphaned of its process owner

so any pros out there would plz shed on light on the topic?

thanks in advance


oh for some background info, i m doing this in vb.net under windows, using raw socket for basic packet sniffing and IPHelper "iphlpapi.dll" WIN32 API for getting netstat informations

Warcarft3 Custom Game Host Bot Development
http://www.codelain.com

MyndFyre

QuoteEvery generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

leax

Warcarft3 Custom Game Host Bot Development
http://www.codelain.com