Tag Archives: NDIS

NDIS Hooking Source Code

Code hooking is a very good tool for the programmer – specifically when chasing down bugs.  When building your NDIS hooking source code, be sure to visit Komodia’s free NDIS guide and resource page.  There is a lot of free – yet extremely valuable – information about all things NDIS.  This includes, but is not limited to, NDIS passthru information, intermediate drivers, and protocol drivers.

Chris

NDIS 64 bit passthru

NDIS 64 bit Passthru is a service that allows you to intercept all information packets that sent to, sent from, or received by a network interface.  If that wasn’t cool enough, you can also read, block, and/or modify any and all of these information packets.  Passthru NDIS modify is a relatively simple procedure once you have it all down.  Here is the best part, Komodia has a free NDIS guide!

Chris

http Redirect src NDIS

Komodia’s free NDIS guide can handle all over your NDIS problems, questions, and concerns.  NDIS redirection can be tricky – which is, I imagine, why you are here.  For all questions like http redirect src NDIS to NDIS redirect all http connections to NDIS redirection in general, Komodia is here with a free resource to help.

Chris

NDIS Hooking Source Code

NDIS (Network Driver Interface Specification) makes it possible for varying transport protocols to communicate with the network adapters (and any other hardware device).  When you are looking for NDIS specific information (like a NDIS hooking source code), the best place to find everything you may need is Komodia’s free NDIS guide.

Komodia’s NDIS free guide answers questions and provides information for all things network driver interface related.  From the NDIS hooking source code to the NDIS passthru and more.

Chris

Packet Redirection NDIS Questions

NDIS (Network Driver Interface Specification) allows differing transport protocols to communicate with the network adapters (and/or other hardware devices). NDIS accomplishes this by giving a specification to the Network Driver Architecture. As soon as the transport protocol communicates to the network adapter using these NDIS specifications, then the network adapter will be able to send/receive packets and other data over this network.  For all questions related to packet redirection NDIS or passthru NDIS modify concerns, please view Komdia’s free NDIS Guide.

Chris

How to intercept data on Internet

How to intercept data on Internet? This can be done using number of technologies:

  • Winsock LSP – Is good when you want to operate at user level and inspect streams and not packets.
  • TDI – Soon to be phased out, it’s a driver like technology that can be used either in packet or stream level.
  • NDIS – Kernel driver that inspects packets and has total control over the network.
  • WFP – Microsoft new filterting platform, but until Windows XP is phased out, I forsee it will not gain momentum.

Barak

NDIS filter development

NDIS filter development is a tedious and hard process, there are packages on the Internet that offer an easier development, but the real question should be – DO YOU NEED NDIS FILTER? you see, some implementations can only be done with NDIS filter, BUT there are scenarios which can be solved with NDIS or other network interception technologies. If this is the case it’s imperative you know FOR SURE, that NDIS was indeed the correct technology for that solution.

Barak

Firewall application layer Winsock2

There are several ways to implement a firewall:

  • Winsock LSP – Can be used for an application layer firewall, but it’s mostly not used for various reasons.
  • TDI Driver – Mostly used for personal firewalls, according to Microsoft it will be phased out in the next OS.
  • Ndis IM – Mostly used for gateway firewalls.
  • WFP – The new plaform Microsoft is promoting, in my opinion that until XP is retired this will not gain momentum.

Barak