Vadim Smirnov

Forum Replies Created

Viewing 15 posts - 916 through 930 (of 1,496 total)
  • Author
    Posts
  • in reply to: custom PKT&TCP RESET,Block page for Winpkfilter wwwcenso #6665
    Vadim Smirnov
    Keymaster

      It looks you know what you need to do. What help are you asking for?

      in reply to: custom PKT&TCP RESET,Block page for Winpkfilter wwwcenso #6663
      Vadim Smirnov
      Keymaster

        You can modify the packet directly without making a copy. However, don’t forget to recalculate checksums before reinjecting the modified packet. Also, if you change TCP data length you have to change TCP header SEQ value.

        in reply to: WinpkFilter 3.0: Wireless Access Failure #6660
        Vadim Smirnov
        Keymaster

          NDIS_PACKET_TYPE_DIRECTED limits packets received to only packets having the destination MAC address equal to local system MAC address. You have also to allow broadcast packets to let the system function normally:

          NDIS_PACKET_TYPE.NDIS_PACKET_TYPE_DIRECTED | NDIS_PACKET_TYPE.NDIS_PACKET_TYPE_BROADCAST

          in reply to: WinpkFilter 3.0: Wireless Access Failure #6658
          Vadim Smirnov
          Keymaster

            I have performed some experiments with wireless network adapter on Windows XP SP3 having Norton Internet Security installed. I can confirm that after installation of WinpkFilter NDIS IM driver wireless connectivity is lost. But it is restored after reboot. Sometimes network stack can’t be rebound dynamically and after installation of NDIS IM driver you may have to reboot. This probably the case your users have met with WinpkFilter (both reported cases had Symantec software installed).

            in reply to: Winpkfilter Lock up with Kaspersky Internet Security #6650
            Vadim Smirnov
            Keymaster

              We have received few complains on WinpkFilter conflict with KIS 2008/2009, however we were not able to reproduce (it looks it happens only on small amount of systems) and thus can’t understand and fix this problem so far.

              It looks that the “lock up” you have expirienced depends from hardware configuration (installed hardware drivers) or some third software component in addition to KIS and WinpkFilter. Could you please post or e-mail to support(at)ntkernel.com the details of the software/hardware configuration?

              in reply to: WinpkFilter Driver v3.0.4 Incompatability Issue On Vista #6662
              Vadim Smirnov
              Keymaster

                NDIS IM driver is a standard Windows driver and by design it has a less chance of the software conflict with other third-party applications than NDIS hooking driver. Your case looks like a software conflict.

                in reply to: Winpkfilter Lock up with Kaspersky Internet Security #6648
                Vadim Smirnov
                Keymaster

                  Install Kaspersky Internet Security 7.0.0.125 d.f

                  We have tested the suggested configuration with Kaspersky Internet Security 7.0.1.325 (the latest one available from the official web site) and have not figured out any problems. May be the problem was specific to 7.0.0.125 and fixed in the current version.

                  Could you try to reproduce it after updating KIS to 7.0.1.325?

                  in reply to: WinpkFilter 3.0: Wireless Access Failure #6657
                  Vadim Smirnov
                  Keymaster

                    Could you try to completely uninstall Symantec software and check if problem with WinpkFilter disappear? This would help to identify the problem.

                    in reply to: WinpkFilter 3.0: Wireless Access Failure #6655
                    Vadim Smirnov
                    Keymaster

                      You still have not replied if you are using the latest WinpkFilter or ealier builds.

                      Try to e-mail us the list of installed drivers/softwares, this may sched some light.

                      Vadim Smirnov
                      Keymaster

                        How can I detect network interface’s status changes? And also enable/disable interface with winpk framework? Is there any details for delphi or c++?

                        http://www.ntkernel.com/wpfk-help/setadapterlistchangeevent.htm

                        As a second question, can I extract tcp packets from the SSL stream with winpk?

                        If this is about HTTPS then by port number 443. If another port used you can try to identify the connection, an example, by SSL certificate sent by server.

                        in reply to: WinpkFilter 3.0: Wireless Access Failure #6653
                        Vadim Smirnov
                        Keymaster

                          We are not aware about any problems with wireless adapters and WinpkFilter. However, please ensure that you are using the latest version of WinpkFilter.

                          Driver conflict with some other network software is possible and most usual problem of misbehave, details depend from what other third party low level network software you have installed on those systems.

                          in reply to: Signing Winpkfilter for vista x64 #6652
                          Vadim Smirnov
                          Keymaster

                            I’d recommend to sign both CAT file and driver image.

                            in reply to: winpkfilter disable #6647
                            Vadim Smirnov
                            Keymaster

                              INetCfg provides programming interface for network components management.

                              in reply to: winpkfilter disable #6645
                              Vadim Smirnov
                              Keymaster

                                You can uncheck WinpkFilter Service checkbox in the connection properties to disable it (by default the service is not hidden, but in can be hidden in the custom builds).

                                in reply to: Small IP address problem? #6643
                                Vadim Smirnov
                                Keymaster

                                  pIPHeader.DestIp := htonl(NewDestIP.S_addr);

                                  Don’t do this, you already have IP address in the correct byte order.

                                Viewing 15 posts - 916 through 930 (of 1,496 total)