kf

Forum Replies Created

Viewing 15 posts - 1 through 15 (of 19 total)
  • Author
    Posts
  • in reply to: detect Sent or received message? #6545
    kf
    Participant

    hm okay thx. how works the winpkfilter, for setting up the SEND / Received message?

    and what do you think, how many packets are an overflow from the local mac if i capture theses by it

    in reply to: Packet Length via ip_len failed? #6542
    kf
    Participant

    i found the answer!.


    unsigned short length = ntohs(pIpHeader->ip_len) - ( pIpHeader->ip_hl*4 + pTcpHeader->th_off*4);

    can someone say yes or no? 😀

    in reply to: IP-Adress Redirect? #6416
    kf
    Participant

    ok thx. i think i got it.

    in reply to: IP-Adress Redirect? #6414
    kf
    Participant

    Hm okay, would try some things. Big thx for you help.

    Last-Question:
    How can i modify the destination MAC?

    In addition to IP address you also have to change the destination MAC

    in reply to: IP-Adress Redirect? #6412
    kf
    Participant

    Okay thx.

    The IP-Header stores the source and destination ip and port. if i capture a specific IP-Address (e.g. 66.127.13.23) and want to redirect the request over a proxy i change the destination ip to my proxy ip-address.

    But how does the proxy know, where the ip-packages should be sent? The original ip (here 66.127.13.23) is at the proxy not available?

    in reply to: IP-Adress Redirect? #6410
    kf
    Participant

    Maybe i’ve the problem:

    in may case i modify the ip-header – i change the destination requested IP (e.g. google.de) to my proxy(192.168.1.8).
    In that case i delete the orginal destination IP and the proxy do not know where the packages should be sent…..

    hmm.. Ok. But how can i say, that the package should first be sent to an other IP? (And how can i keep the orginal destionation IP?

    in reply to: How to manage (Proxy) Re-Routing Packages? #6409
    kf
    Participant

    Okay it works fine! Thx. That link was very helpful:
    http://www.ntndis.com/forum/viewtopic.php?p=917&sid=d5925c2d83c622468d49c84caca81b75
    http://www.ntkernel.com/forum/viewtopic.php?t=550&highlight=check+cheque+sum

    So my last question (problem):

    If i use the RecalculateIPChecksum() without changing the ip-address, the packages are droped in the pipeline?


    RecalculateIPChecksum( &PacketBuffer );

    Next, How can i enter an ip-adress? (to: pIpHeader->ip_dst)
    e.g. 192.168.1.9 ?

    in reply to: How to manage (Proxy) Re-Routing Packages? #6408
    kf
    Participant

    I’ve found the source-code fore a new checksum.

    Can i change the ip-address(es) and recompute the checksum is that everything i need?


    ::ZeroMemory( &pIpHeader->ip_dst, sizeof(in_addr));
    ::ZeroMemory( &pIpHeader->ip_src, sizeof(in_addr));

    ::RecalculateTCPChecksum( &PacketBuffer );

    hmm whats wrong?

    in reply to: How to manage (Proxy) Re-Routing Packages? #6407
    kf
    Participant

    The Source-code download requires an username & password ? 🙄

    in reply to: How to manage (Proxy) Re-Routing Packages? #6406
    kf
    Participant

    Hm, thx. That is an empty url?

    EDIT: Sry the url is perfect 🙂

    in reply to: How to manage (Proxy) Re-Routing Packages? #6404
    kf
    Participant

    Hm… i tried to remote all destination informations like:


    ::ZeroMemory( &pIpHeader->ip_dst, sizeof(in_addr));

    but the messages archive the goals?

    Any ideas? 🙄

    in reply to: WinpkFilter – capture local packages? #6400
    kf
    Participant

    Okay thx for that information.

    PS:
    Hm i’ve tested that for MySQL(port 33056) and posgreSQL (port: 5433). The packages from postgreSQL couldn’t be captured, but the messages from mysql are captured perfectly 🙄

    in reply to: TCP/IP Hook – Traffic observing for all IP’s #6396
    kf
    Participant

    Wow – Big thanks for help!!!! 😛

    in reply to: TCP/IP Hook – Traffic observing for all IP’s #6394
    kf
    Participant

    Now i’ve tested the software…. and i have to say its a very good software, good job 🙂

    How can i filter packages from port 123 and how can i block it (that these packages do not archive its destination program?)

    in reply to: TCP/IP Hook – Traffic observing for all IP’s #6393
    kf
    Participant

    I tried to compile the MVC++ Sample Source-Code:

    But i still geht current error:


    1>Compiling...
    1>PacketSniffer.cpp
    1>StdAfx.cpp
    1>Generating Code...
    1>Compiling manifest to resources...
    1>Linking...
    1>PacketSniffer.obj : error LNK2019: unresolved external symbol "__declspec(dllimport) public: __thiscall CNdisApi::CNdisApi(wchar_t const *)" (__imp_??0CNdisApi@@QAE@PB_W@Z) referenced in function "void __cdecl `dynamic initializer for 'api''(void)" (??__Eapi@@YAXXZ)

    I’ve added the ndisapi.lib and the DLL is in the right directory 🙄

    PS: I solved that problem – you have to change the “Character Set” in the project settings. 🙂

Viewing 15 posts - 1 through 15 (of 19 total)