You can get a free trial of our c++ parental control which allows you to build you own filter without wasting your valuable time on learning and implementing network interception and modification techniques.
It also parses various HTTP encodings such as GZIP, Inflate, SDCH, Chunked trasfer and has the ability to decrypt SSL traffic.
Barak
Download our free Internet Explorer sniffer which is a useful tool for various tasks ranging from debugging your application to debugging web sites. Other Internet explorer sniffers can come with or without SSL/HTTPS decryption support, it can be Open source, or propietary.
Which to use? this is not an easy question to answer because the sniffer choice is really a combination or needs, budget and deployment environment. For example: you can’t use a GPL sniffer like Wireshark for a commercial application, but buying a SDK just to sniff a normal website for a one time debug isn’t making sense as well.
Barak
There are number of ways to perform SSL Decrypt and it’s up to the programmer to decide what works best for him:
Barak
Sniffer APIÂ is needed when a programmer wants to have a sniffing capability in his application. First thing to check is whether the programmer needs stream sniffing or packet sniffing. The difference is so great that choosing the wrong one can doom the project (I’ll not get into the differences in this post)
There are a few options:
Barak
There are several ways to implement a firewall:
Barak
When you need to filter a DNS request, there are number of ways to do it:
Komodia’s DNS Hijack intercepts all DNS requests before they are leaving the machine and allows the programmer to perform any lookup he desires, this can be done with any language that supports DLLs such as: C/C++, Delphi, .Net, VB
Barak
URL Filtering SDKÂ are used for programmers or companies that want to develop web content filter, usually for parental control and wants to focus their development on what their clients perceive as advantage: GUI, Support, ease of use. The usage of the SDK frees up development time which is complex and time consuming.
Here at Komodia we developed our URL Filtering SDKÂ for about 3 years. Even you’re going to implement only subset of the functionality, please allow for up to six month of development and QA, and that’s just for the basic functionality.
Barak
API interception via DLL redirection is a method that can be used to modify the default behaviour of an application that you don’t have the source code to.
Since this Blog is about network interception, I’ll address that point. It’s possible to intercept the Winsock API via DLL injection (also called detouring). This method has advantages and disadvantages (at Komodia we use Winsock LSP to do that), the main advantages of network DLL injection:
Disadvantages are:
Barak
Each time a Platform SDK comes out for a specific OS it comes with a new LSP sample for the latest OS, the Windows XP one was the first decent sample, but then came Vista and the default installer for Vista isn’t the best one – and that’s an understatement.
Like mentioned before we packed the Windows XP LSP sample to be easily compiled, and as we always remind that the default samples will work perfect in the lab, but will fail miserably in real computers. We have a nice article just about why you should outsource your LSP development.
Barak
We have wrote a bit on what is TDI. Basically most personal firewall are using TDI for various reasons:
TDI is being phased out by Microsoft, and according to their documentation the next Windows version might not support it anymore so investing in TDI can be quite risky.
Barak