What contents is contained in ndisrd.sys driver source code

Home Forums Discussions Support Portal What contents is contained in ndisrd.sys driver source code

This topic contains 1 reply, has 2 voices, and was last updated by  Vadim Smirnov 10 years, 10 months ago.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #5161

    speedvoipok
    Participant

    If I want to order ndisrd.sys driver source code, pls tell me what contents or components is contained in its source code base?
    For windows x64 OS, why not continue to adopt NDIS-hooking technology, but official IM driver scheme for ndisrd.sys?
    I search winpkfilter over google and find that an Austria-based company DeskSoft(http://www.desksoft.com) builds its product BWMeter upon WinpkFilter, is it true? Can u confirms that if u don’t mind?

    #6518

    Vadim Smirnov
    Moderator

    If I want to order ndisrd.sys driver source code, pls tell me what contents or components is contained in its source code base?

    It contains the complete source code for the NDIS hooking and IM drivers.

    For windows x64 OS, why not continue to adopt NDIS-hooking technology, but official IM driver scheme for ndisrd.sys?

    Windows XP/2003 x64 introduced PatchGuard technology which protects NDIS.SYS export table from modifications (if PatchGuard finds that NDIS.SYS was modified then it crashes the system). This is also true for Vista/2008 x64. Preventing PatchGuard from doing is job is possible but requires kernel modifications and these modifications are different for different kernel builds because MS updates PatchGuard each time when they got informed there is a way to workaround the current implementation.

    I search winpkfilter over google and find that an Austria-based company DeskSoft(http://www.desksoft.com) builds its product BWMeter upon WinpkFilter, is it true? Can u confirms that if u don’t mind?

    Yes, it is true.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.