Re: [WinPcap-users] Username resolution ...

[Denis Bujoreanu]

Hi Gavin,   The way I see it is you could use a system wide hook and corelate the messages coming in the system with the packets coming in on the NIC ----- Original Message ----- From: Gavin Morris To: WinPCap Users (E-mail) Sent: Tuesday, September 10, 2002 6:14 AM Subject: [WinPcap-users] Username resolution ... G'day all,   I'm currently using packets captured by WinPCap to build a table of active TCP/IP connections. This table currently looks like the one generated by netstat on the command line.   What I need to do is work out which Windows NT user has established each connection - more precisely, the security context of the process that established each connection.   Now I know that the IP stack is probably well outside the realm of NT security, but does anyone know if there is some way to put this information together?   Regards, Gavin   --- Gavin Morris, BSc WebSpy Sentinel Project Leader [EMAIL PROTECTED] Mobile: +61 0403 508 862