Mario,
Someone else will probably chime in with more help (and hopefully
correct me if I make a mistake!) but
1. there are two interfaces,
packet.dll that runs on top of the driver (npf.sys)
winpcap that runs on top of packet.dll
2. The interface of choice is winpcap because it is the supported
A couple of things as I read this thread- based on speculation as I try
to understand what is going on.
- some process must intercepting ARP replies and sending out incorrect
ARP reply packets
- either malware or some combination of programs or some program gone crazy
- a good virus/spyware
It was not clear from your mail exactly what you are trying to do, so
this may not be helpful. Itt appears that you are trying to mix managed
and unmanaged C++ so here is an example of someone doing that:
http://www.codeguru.com/Cpp/Cpp/cpp_managed/interop/article.php/c6867/
There is a
I have been looking around for a way to match packets to processes as
well. For Windows XP there is the IP Helper API which uses TcpEx (EX for
extended) and UdpEx functions that can get process id and socket pairs.
With this and some decoding of packets one can then look at the protocol
and
haven't tried Service pack 2, yet.
What problems are you encountering?
Have a nice day
GV
- Original Message -
From: terry braun [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, August 12, 2004 3:59 PM
Subject: [WinPcap-users] xp service pack 2 and winpcap3.1 beta 3
Does anyone
Does anyone have any experience with XP SP 2 and winpcap 3.1 beta 3?
Things are broken for me but maybe that is not the reason.
Terry
==
This is the WinPcap users list. It is archived at
http://www.mail-archive.com/[EMAIL