Home > Delphi, Network, Programming, Tech, Windows > Monitor network activity with WinPcap and Delphi

Monitor network activity with WinPcap and Delphi

I came across this information today, and although I don’t currently have an application for it, I have a feeling this will come in handy in the future.

The smart folks at Magenta Systems have written some components that allow you to monitor all network traffic using either raw sockets or the WinPcap device driver. If you are not familiar, WinPcap uses an x86 or x64 driver (depending on your current OS architecture) which uses NDIS to read packets directly from a network adapter. WinPcap exposes an interface that applications can tie into for further processing of this information.

From the website’s description:

There are two main low level components, TMonitorSocket in monsock.pas which supports raw window sockets, and TMonitorPcap in monpcap.pas that supports WinPcap. Both have very similar properties and return ethernet packets using identical events, formatted identically, allowing the same application to use either or both low level components. There are  subtle differences, raw sockets monitors a specific IP address, whereas WinPcap monitors all traffic on an adaptor. Both may potentially monitor traffic other than the local PC, depending on LAN structure. Common functions and declarations are in packhdrs.pas

Advertisements
  1. Frankie Espinoza
    October 21, 2010 at 1:01 PM

    Good hoot. Keep it up will visit your blog again for more valuable information’s…
    Thank You
    http://my.opera.com/frankieespinoza/blog/show.dml/19617592

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s