- This topic has 12 replies, 2 voices, and was last updated 16 years, 6 months ago by
.
-
Posts
-
Hello,
I am from R&D dept from Drishti Systems Pvt. Ltd.
We have recently announced launch of NetOptima, a statistical pornographical filter. Visit http://www.netoptima.in or search in google for “netoptima”We are looking to port our application on windows.
Here is the information about NetOptima
1) NetOptima is a kernel module sitting on a linux device.
2) NetOptima has connection helper system built-in.
3) NetOptima analyzes each connection to see if the connection contains pornographic content based on our patented (pending) pattern matching algorithms.We have shortlisted ntkernel for possible development platform for windows version of NetOptima.
Here is the information we are aware of about ntkernel.
Let us know if any of following is wrong.1) vc++ application can use drivers provided by you to develop custom application for filtering software like NetOptima.
2) we need not worry about the deployment windows platform. i.e. xp/98/vista etc.
3) I can hook, a.l.a. linux, into packet traversing system and capture packets.
4) INPUT/OUTPUT and FORWARD packets can be captured and can be differentiated.
5) the application thus developed is a userspace application and does not get attached as kernel module.
6) ntkernel has some conflict problems with other software “NDIS hooking” software. Which include cisco vpn client and other security applications. Can we get a list of software identified as conflicting with ntkernel?
7) Our time-to-market is greatly increased if we use ntkernel packet filter kit.
8) packet drop decision can be delayed (as in shaping)Do we need to know anything else? Do you recommend ntkernel packet filter kit for windows version of NetOptima?
Thanks in advance for your answers.
Anil Chandra K
ntkernel has some conflict problems with other software “NDIS hooking” software. Which include cisco vpn client and other security applications. Can we get a list of software identified as conflicting with ntkernel?
We was not able to reproduce conflict with Cisco VPN client, but it seems it may be possible on some systems/configurations. So far we have not any other open conflict issues.
Do we need to know anything else? Do you recommend ntkernel packet filter kit for windows version of NetOptima?
Your assumptions about WinpkFIlter are all correct and yes it can be used for NetOptima kind of application. Though the decision is up tp you
🙂Thanks for your prompt reply.
We have one problem.
windows version is intended to be for single system.
for nat (internet sharing) packets can clearly be identified as being “forwarded” (am I correct?)
what if the local system is running a proxy server? the connection will be as if from local system. Can we identify those packets (from proxy)?how about third party connection sharing software? how are the packets identified as?
Thanks in advance.
Anil Chandra K
In case of NAT (or even simple forwarding) you always see each packet twice (when it arrives to the internal interface and when it is forwarded from external one) and this allows you to determine that packet was NAT’ed (only source IP/port information changes after NAT).
However, in case of proxy packet structure is not saved and doing the same looks more complex, since you have to analyze the packet content.
Hello again,
We have procured software from your company.
We have a problem for installation script on vista.
when we try any of the following commands as mentioned in the installation help,
snetcfg.exe -v -l ndisrd.inf -m ndisrd_m.inf -c s -i nt_ndisrd
snetcfg.exe -v -u nt_ndisrdthe commands are failing with error code 0x80070005
We have done everything as per the help. disabled driver signature enforcement option. all files are in single directory. tried on different computers. logged in administrator account.
we are using vista home.
Please do the needful.
Regards,
Anil Chandra K
1) Are you trying to install on Vista x86 or x64?
2) Have you taken the correct drivers, INF files and snetcfg matching the OS (32 bit driver for x86, 64 bit for x64)? May be the problem in snetcfg tool if you have taken the original version from DDK instead the modified one we use.
3) Commands mentioned should be executed under Administrator account. You have mentioned that you tried, but I would recommend to recheck.
4) And the last, if you run WinpkFilter run-time installation does it install normally?1) Are you trying to install on Vista x86 or x64?
x86 – vista home is x86. we dont have x64 right now. (we ordered)2) Have you taken the correct drivers, INF files and snetcfg matching the OS (32 bit driver for x86, 64 bit for x64)? May be the problem in snetcfg tool if you have taken the original version from DDK instead the modified one we use.
We are using snetcfg and other files from installation of winpkfilter.
After installing winpkfilter on vista, there is a directory (winpkfilter frameworkkerneldriver). the snetcfg tool and other files are taken from that directory.3) Commands mentioned should be executed under Administrator account. You have mentioned that you tried, but I would recommend to recheck.
We have cross – checked the admin account. we are using under *administrator* account.4) And the last, if you run WinpkFilter run-time installation does it install normally?
the winpkfilter installation on vista (x86) is installed smoothly and I am able to run test applications successfully.the winpkfilter installation on vista (x86) is installed smoothly and I am able to run test applications successfully.
So installer was able to install WinpkFilter driver successfully, but you can’t install files taken from “winpkfilter frameworkkerneldriver” on ANOTHER Vista x86 system?
This is very confusing… I can send you installation script to refer, but it does not do anything special beyond mentioned commands.
going through reference install script will help. as we may be doing something wrong.
here are the steps we followed.
1) installed winpkfilter on vista x86.
2) copied winpkfilter frameworkkerneldriver directory.
3) uninstalled winpkfilter s/w
4) tried to run snetcfg from the copied directory on the same machine.
5) copied directory to second vista system and tried to run snetcfg from the copied directory.both (4) & (5) steps failed with error code 0x80070005
6) repeated (1) to (5) on two different vista systems… unsuccessfully.
please send the install script.
Anil Chandra K
please send the install script.
E-mailed to the address specified in the forum details.
Just for sure, are you playing with standard or custom build? Here can be the difference, since custom build has different device name.
Hello,
Thanks for the installation script.
Though we use different installation script, I studied the install script sent by you.
1) Filename: “{app}Kerneldriversigndrv.bat”; Parameters: “save”; StatusMsg: “Saving current driver install policy…”; Flags: runhidden
the signdrv.bat does not take parameter “save”
i get the error “Usage: signdrv.batwhen I run that. 2) I get the same error for “restore” parameter.
i checked the signdrv.bat file to see the script. there are no options for “save” and “restore”. But my question is how they are successfully executed during installation of winpkfilter?
3) I found a set of files in winpkfilter frameworkkernelbinimdrvamd64 except for snetcfg, I tried to execute. without success.
I have following questions.
1) am I using different files?
I am sending the files to you. just check if I am working on correct files2) when I use command prompt in vista, are the commands run as administrator? I dont understand windows as much 🙂
3) are the drivers different for amd machines? i am using amd processors for both the vista systems I am using. But if that is the case, why is the winpkfilter installation successful?
Thanks in advance.
Anil Chandra K
Hello,
Thanks for your support and time.It was MY MISTAKE.
the second point in the previous post is the issue.
Stupid windows and its ways!
anyways, I could run everything as given in help. the command prompt needs to be “specially created & opened” to run as administrator for security reasons.
We thank you for your time and apologies for this mess.
Regards,
Anil Chandra K
I’m glad tat the issue is resolved.
i checked the signdrv.bat file to see the script. there are no options for “save” and “restore”. But my question is how they are successfully executed during installation of winpkfilter?
The reason is that there are two versions of signdrv.bat with different syntax. Latest one has simplified syntax of disable/enable. Thats why you got that error message.
- You must be logged in to reply to this topic.