how to develop a firewall to monitor process and protocol Driver

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Drivers
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - how to develop a firewall to monitor process and protocol Driver how to develop a firewall to monitor process and protocol Driver and NDIS Intermediate Drivers??? I mean this: 1. protect process just need tdi filter , tcpip.sys ...... 2. how to monitor all protocol driver in the machine??? how sygate firewall to do it ?? hook registerprotocol ?? 3 .if a trojan is a NDIS Intermediate Driver , how to block it and monitor it ?? ok .thanks a lot horace Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47485
  - 2
    - WHQL Test: about the Siemens Nixdorf Card ================================ Part D: Smart Card Provider Test ================================ Insert any of the following PC/SC Compliance Test Cards: * Bull * G & D * IBM * SCHLUMBERGER * SIEMENS NIXDORF >> Please insert smart card Testing card SIEMENS NIXDORF Test No. 1 Buffer boundary test * FAILED - Transmit should fail due to too small buffer to solve it,the follwing code works... Status = SmartcardT1Request(SmartcardExtension); if ( Status != STATUS_SUCCESS ) { return Status; } but it caused another bug: IFSD request * FAILED - Test not performed if I don't return the failing Status when SmartcardT1Request failed, IFSD request would passed. Does anyone here had met such problem??? quite at sea now:-( do the boundary test and the IFSD request conflict? Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47484
  - 3
    - What ISA bus? We are porting Device Control software from MSDOS to Windows 98 and need to write a Device Driver for a legacy ISA Interface Card with Visual C++ 5.0 and the Windows 98 DDK (Driver Development Kit). There are multiple ISA slots in the Control PC so how do I specify what ISA bus the Interface Card is plugged into since it is not "Plug and Play" ? Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47478
  - 4
    - How to write INF file for sys? Sorry for this newbie question. Would anyone here please drop me a link? Thanks in advance. Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47476
  - 5
    - WinDbg Tools Hi, I have downloaded WinDbg 6.3.0017.0 Tools from following links: http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx I have installed this tools also. I would like to debug Kernel debugger for USB driver(*.sys file). When i run my application i'm getting Blue Screen error. How can i approach to debug sys file., when running application file? Looking forward your valuable reply. -- Thanks & Regards, NagarajuS Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47475
  - 6
    - Unidriver Minidriver dev tool and versioning the DLL Hi, Can anyone tell me the proper way to add/change the version information on the DLL created with the help of the print Minidriver development tool? When creating a project with Print MDT, it generates the RC file for you and if you change it manually with new version information, it complains the next time you load it up. If you allow it to reprocess the RC file, you lose what you put in there. Am I stuck with the Microsoft copyright and version number? Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47474
  - 7
    - Need copy of latest Win DDK Could anyone do me a really huge favor and send me the *.h and *.lib files from the latest WIndows DDK? You can no longer download them from MS (unless you have MSDN, which I don't). I've ordered the CD, but I need to get some software to read a USB device working in the next couple of days. Please (please!) send the files to wexler "at" ccr.jussieu.fr Thank you VERY much. Mark Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47462
  - 8
    - How to get SessionId in Win Server 2003 How do i get the sessionid in a driver on windows server 2003 platform? Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47458
  - 9
    - how to check shared memory created by ExAllocatePoolWithTag using winobj.exe? I created one shared memory from ExAllocatePoolWithTag with tag "MpaM", but I couldn't find it in winobj.exe. Also, does all the shared memory will be shown in BaseNamedObjects with type Mutant? Thanks Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47455
  - 10
    - 1394 Async Write STATUS_IO_TIMEOUT Hi, I have to perform an async write to an IEEE 1394 bus device. The device 'stalls' the response until it completes the operation which is triggered by the write request. Currently this takes aprox. 270 ms. But it seems that the 1394 bus driver stack of W2k Prof. SP4 completes the transaction prior by returning STATUS_IO_TIMEOUT. (After approx. 200ms.) Under WXp SP1 I could not observe this behavior so far. Are the corresponding timeout values defined in the IEEE 1394 bus spec.? Is there a facility to tweak the applied timeout value at the 1394 bus driver stack? Any hints are appreciated. Thanks, -Volker Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47454
  - 11
    - Shared memory issue between driver and application Hi all, I am newbie for driver programming. I created a shared memory in driver program using ExAllocatePoolWithTag, the last parameter is the address a string "ADDR". Then I tried to access that shared memory from one application using OpenFileMapping with lpName "ADDR". It failed, shows no access to that memory. Then I changed the parameter in OpenFileMapping to a random bad name, I got the same error. That program can work with shared memory which created using CreateFileMapping. Any suggestion are highly welcome. Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47450
  - 12
    - How to get USB device name Hi, I modified the Microsoft DDK sample USBView to enumerate all devices on the USB. But now I need a device name to make a CreateFile() on each Device. File names in the format "\\.\USB#Vid_04cc&Pid_1122#5&d3bcdf4&1&1# {f18a0e88-c30c-11d0-8815-00a0c906bed8}" can I get only for external USB hubs, but not for other devices. How can I get these file names for my devices? Thanks Michael Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47448
  - 13
    - Problems building vxds with Me ddk ... Hi There is a way to accomplish this using DDK's Me build environment and Visual C++ 2003 ? When I open the build environment it says: Installation of MSVC not detected!!! ERROR: MSDEVDIR Environment variable not recognized. Microsoft Visual C++ 6.0 must be installed. Thank you -- Leandro Gustavo Biss Becker eSystech Embedded Systems Technologies +55(41)3029-2960 http://www.esystech.com.br Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47447
  - 14
    - Full Duplex hi! I am writing a driver for a thernet controller which supports 100/10 Mbps Ful duplex operation.. at one place in the documentation for the MiniportqueryInformation I read that WinCE doesn't support full duplex.. At many other places there are statments like "if the miniport driver is full duplex".... Now I am not able to understand clewarly that whether or not I can take th full duplex adavantage of my NIC through a miniport driver writtten for WinCE. Can anyone please clarify me on this. regards -Nitin Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47432
  - 15
    - DeviceIoControl returning ERROR_FILE_NOT_FOUND Hi I have more than one IOCTL in my driver but one of them is giving error ERROR_FILE_NOT_FOUND when I call DeviceIoControl. The IOCTL is implemented in the driver, and was working ... But I have changed only the check about the buffer size passed to the driver and have put a critical session protect by a spin lock into the IOCTL processing and only for this IOCTL the error is ERROR_FILE_NOT_FOUND. the others IOCTL are working fine. any ideas ? Thank you -- Leandro Gustavo Biss Becker eSystech Embedded Systems Technologies +55(41)3029-2960 http://www.esystech.com.br Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47427
  - 16
    - adding and communicating with a com port that has no hardware How does one add a com port that has no hardware? Once the port is added how do you communicate with it from another application? Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47410
  - 17
    - CHAT: Windows Driver Foundation Ask The Experts Online Chat: Windows Driver Foundation Need to learn more about Windows Driver Foundation (WDF) and the types of drivers that can be written using WDF? Join us to learn more about the kernel mode framework and fundamental concepts of Windows Driver Foundation. July 27, 2004 11:00 A.M. - 12:00 P.M. Pacific time 2:00 - 3:00 P.M. Eastern time 18:00 - 19:00 GMT Chat date/time by city: http://www.timeanddate.com/worldclock/fixedtime.html?day=27&month=7&year=2004&hour=11&min=0&sec=0&p1=234 To add this to you calendar: http://msdn.microsoft.com/chats/outlook_reminders/win_jul27.ics For more info on MSDN chats, including other upcoming developer chats, chat archives, and other info see http://www.msdn.microsoft.com/chats. Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47408
  - 18
    - There is a way to queue a APC from a NT driver to be handled by a user level process (like vxds can do with _VWIN32_QueueUserApc) Hi There is a way to queue a APC from a NT driver to be handled by a user level process (like vxds can do with _VWIN32_QueueUserApc...) Thank you -- Leandro Gustavo Biss Becker eSystech Embedded Systems Technologies +55(41)3029-2960 http://www.esystech.com.br Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47400
  - 19
    - FAT File Systems and Enc/Dec Filter Drivers Hi Gurus, Is there any special cases that are to be handled while writing an Encryption/Decryption Filter Driver for FAT32 File systems. Actually we are witnessing some frequent crashes with respect to FAT whereas with the help of NTFS its perfectly working. Has anyone witnessed this kind of problem with FAT? Thanks and Regards Shal Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47399
  - 20
    - Print driver: Removing PaperSize definitions Hi, I noticed a problem with the size of a vendor specified paper size in my Unidriver GPD file. I fixed it, but it appears that the old definition still exists. I did a search on my XP registry and found the old name under several entries, one being HKLM\SYSTEM\CurrentControlSet\Control\Print\Forms. I think this is causing me problems because the only way to get the fixed version to appear in the driver "properties" section is to give it a different name. Is the only way to remove the paper size definition to manually delete it from the registry? Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47394
  - 21
    - ImageProcessing and banding... Hello all; (Win2K UNIDRV OEMDLL) I'm doing a custom halftone (downconversion from 8BPP to 1BPP) in ImageProcessing, and handing the bitmap back to UNIDRV for output to spooler. With a res of (203(X) x 508(Y)), when a page is rendered in 2 bands (i.e., a 1728 wide x 5588 Letter size page), the data output is 2 x the height of the first band, NOT the sum of band heights. That is: (from pBitmapInfoHeader->biHeight) Band 1: 2800 lines high Band 2: 2788 lines high. Data out = 5600 lines, NOT 5588. Obviously, the last 12 lines are garbage data. I'm processing the data and returning it in the supplied bitmap area, and returning *ppbResult = pSrcBitmap; for each band. Should I handle banded (repeated) calls to ImageProcessing *differently* from single-band page calls? If all else fails, I can write to the spooler directly, but I'd rather not. Thanks! -- J.C. Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47389
  - 22
    - Does IOCTL_USB_GET_NODE_INFORMATION trigger USB bus enumeration? Does anybody knows how ecxatly IOCTL_USB_GET_NODE_INFORMATION and IOCTL_USB_GET_NODE_CONNECTION_NAME calls work? I am developing a USB device driver for a USB device. And for the testing reason I want to have some PC application wich can show me if my device was succesfully enumerated. But I donâ??t want to force the enumeration by this applications. The UsbView example from DDK looks useful for my purpose, but unfortunately I canâ??t find any information about IOCTL_USB_* calls. Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47388
  - 23
    - How to write and read from a I/O address directly in VC++? Hi My friends, My company made a very old motor controller, it's a ISA card. It works under DOS now. Our customer and my boss want it can be worked on Windows operating system(XP or NT) I checked its source code( for DOS 6.22), most of controls are done by writing and reading from several I/O addresses. As I know in windows, I can not access low level I/O directly. Would you like to tell me how to do it? I think i need to write a driver for it. If you could give me some information on how to write device driver, I will really appreciate it. I 'm a VC++ programmer, but I never wrote driver before. If you'd like to write to me, you email address is lchang@andec.ca Thanks ahead. Larry Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47387
  - 24
    - SATA disk drives - IOCTL_ATA_PASS_THROUGH support I've been looking for a third party SATA controller that supports IOCTL_ATA_PASS_THROUGH, but I've had no luck. Does anyone know of a controller that supports this? From what I've seen, third party SATA controllers (Adaptec, Promise) are implementing there miniport drivers as SCSI miniport drivers, so IOCTL_SCSI_PASS_THROUGH is supported, but not IOCTL_ATA_PASS_THROUGH. This makes something as simple as sending an Identify command through the pass through interface impossible (?). Also, does anyone know if the Intel ICH5 chipset supports the IOCTL_ATA_PASS_THROUGH for SATA devices? Any feedback would be greatly appreciated. Thanks, Jeff Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47383
  - 25
    - Device to be opened from a DOS program (i.e., NTVDM) Hello, currently, I'm trying to modify a driver to be able to be opened from a legacy DOS program (compiled with Turbo Pascal, if this matters). Anyway, I can't find a way to do it. There is a Symbolic Link created, and opening it from a Win32 application works like a charm. Anyway, if the DOS based program opens the device (with a call to LongOpenFile('\\.\giveio', F, fmReadOnly)), the call always fails. Anyway, I can see from the debugger that the device is opened and immediately closed. And: Yes, I always return STATUS_SUCESS in response to IRP_MJ_CREATE: Irp->IoStatus.Information = 0; Irp->IoStatus.Status = STATUS_SUCCESS; IoCompleteRequest(Irp, IO_NO_INCREMENT); return STATUS_SUCCESS; There is no other return path. I don't have a clue what to do. I thought that the symbolic link might need to be created somewhere else than in \DosDevices\, but since the IRP_MJ_CREATE routine is called (as well as the IRP_MJ_CLOSE routine), I don't know where to search. I already had a look at how LPTx are created, as they are accessible to NTVDM programs, too, but I could not find a hint what I am doing wrong. Any ideas? Regards, Spiro. -- Spiro R. Trikaliotis http://www.trikaliotis.net/ Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47373
- Next
  - 1
    - Point And print printing, cross platform problem Hello, I have tried following combinations:- Note:- server is the machine were a printer has been shared. Client is a machine which connects to the printer share. 1) windows 2000 client and windows 2000 server 2) windows XP client and windows XP server 3) windows 2003 client and windows 2003 server. All the above cases works fine.GetPrinter(...) returns a non-NULL DEVMODE in PRINTER_INFO_2 on the client and is the expected outcome But if I am to mix like below:- windows 2000 server and windows XP client when I call GetPrinter(...) on the client machine. the pDevMode becomes NULL, I feel I am missing something in my printer driver. What could be the reason? thanks vipin Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47370
  - 2
    - Selective IM filter install I have an IM filter that I want to install along side my virtual NDIS driver. I don't want the IM driver to bind to my NDIS device. What do I need to do to my IM .inf file so that the virtual NDIS driver's original Linkage\UpperBind value does not get modified? Thanks, John Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47368
  - 3
    - Unidriver PaperSize feature Hi there, I have a GPD file for Unidriver that specifies 6 different possible paper sizes using the PaperSize Feature. When I look at the Printer Properties when my driver is installed, I see all 6 sizes available. This is good, but when I open Microsoft Word, only 3 sizes show up in the Page Setup/Paper Size menu. I've tried everything I can think of, but still only 3 sizes show up in MS Word, but all 6 in Printer Properties. Is there something I'm doing wrong or is this an issue with MS Word?? Thanks Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47363
  - 4
    - Builder drivers with Windows Me DDK (comes with 2003 DDK) and Visual Studio 2003 Hi I need to build drivers using the XP DDK (working fine with VS 2003) and Me DDK (vxds). When I try to open the build environment for Me DDK it says that cannot find the VS 6.0. There is a way to use the Me DDK with only the VS 2003 installation ? Thanks -- Leandro Gustavo Biss Becker eSystech Embedded Systems Technologies +55(41)3029-2960 http://www.esystech.com.br Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47353
  - 5
    - How to force Windows to ignore USB port difference? Hi, I search all along a method that to force Windows ignore USB port difference, because when my usb device is inserted another port Windows XP will guide to install its driver. In general, it's OK and friendly, but in my case user will have no chance to install it. So automatically setup usb device is must. One method is that to add a serial number in device itself. It's said that it's OK. But I cannot demand device provider do such. Another one maybe is to let Windows XP to ignore USB port difference. But how can I do it? Thanks, xuniuer Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47352
  - 6
    - ISA-Device and PnP-Manager Hello, I have a ISA-LCD device and the PnP Manager starts the HW-Wizard. So far so good. When I give the Wizard my driver for this device, only the memory resource (not the port I/O and interrupt resources) are installed. When I cancel the PnP HW-Wizard and install my driver with system->Add Hardware Wizard the resources are all available. But after the next boot the PnP Manager finds a new device (other display) and starts the HW-Wizard and my driver has the yellow exclamation mark. When I uninstall the driver rudiment "other display", my driver gets all resources and the exclamation mark is gone. How can supress the start of the PnP HW-Wizard for this device??? Thanks Axel Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47350
  - 7
    - WHQL test :card reader test failed in power management test I am doing WHQL test for smart card reader. As a serial attached smart card reader,and the power is supplied by an adaptor. when trying card reader test,failed in Part E: Power Management Test: GetOverLappedResult: expexted:3e4 returned:0 The CTS signal is used to track card insert/removal. Even the system hibernate,the reader is always powerd by the adaptor... in this case,what measure should i take? I mean :the cardtracking policy.. Thanks for your attention:-) Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47347
  - 8
    - Windows XP Spooler Hi Under Windows NT4.0 the spooler would load any language/port monitors immediately when the spooler was started. Under Window XP Pro SP1 the spooler can take up to 2 mins before it loads them. This is circumvented as soon you access the print manager or send data to the printer. Is there a way to get this to behave in the same fashion as NT, i.e. load the monitors as soom as I start the spooler. Thanks Sandy Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47346
  - 9
    - How do I access a LPC I/O, general question Hi guys, first of all I'm all new to this kind of work, so please forgive me my ignorance. I used to programm microcontrollers like the Infineon C16x or Phillips 8051 Series. I have never done any hardware programming for the windows 32bit plattform. To make this short. I'd like to know what I have to do to be able to access registers of a chip like the Winbond W83627THF LPC I/O http://www.winbond-usa.com/products/winbond_products/pdfs/PCIC/627hf.pdf Do I need the DDK, is it possible to access the chip via windows-api? How do I access a certain register, if I know the hex address according to the manual? With the microcontrollers I programmed I just had to read from this adress, like: #define LEDS 0xFF04; if(LEDS==0x01){..} Maybe someone has got a hint or links to docs I should read. Thanks in advance, Richard Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47345
  - 10
    - access the harddisk bitwise Hi I'd like to read and write directly from/toto a harddisk. What type of driver do I need here? So what I want is to access the disk like e.g. PartitionMagic does... any ideas how to do this? (I don't think it's possible without driver... or am I wrong?) thanks MR Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47343
  - 11
    - toaster driver question In the DDK toaster example how does it keep track of the HardwareIds of the different devices attached on the toaster bus.I saw that PDO_DEVICE_DATA has PWCHAR HardwareIDs but how do we keep track of each PDO we attach on the bus . Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47336
  - 12
    - Print Gremlin Hello All, My winxp DDK at home which is the latest has the print gremlin tool in it but one at workplace doesn't. So I had like to downlaod this from somewhere. Can someone point me to it on internet? It is set of emf files and an executeable pgremlin.exe. thanks vipin Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47328
  - 13
    - Windows 2003 Server compatibiliy Hi, I figure this is the write group to ask this sort of question. I am trying to determine general device driver compatibility with Windows 2003 Server. Sepcifically if a hardwar has a Windows XP or Windows 2000 driver will it be compatible with Windows 2003 Server. I have looked for info but have not been able to find a specifc specification or standard that seperated 2003 drivers from their XP or Win2k counterparts. Could somebody please clarify this for me. Thanks, Ward. Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47321
  - 14
    - UMSS for win 98 Hi,All: I used Microsoft release UMSS source code to develop our USB mass storage driver for windows 98. I found that When AEP_DEVICE_INQUIRY is received, I create IOP and submit ILB request to call my WDM driver. Normally the ILB request will wait until my calldown complete routine is complete, then I free the IOP. But sometimes the ILB request will complete after calling my WDM driver(my WDM driver don't issus complete). When my calldown complete routine is complete, the system hang. Because the IOP is free. Does Anyone know what happen? Gil Source code: ((PISP)&IOPCreateISP)->ISP_func = ISP_CREATE_IOP; IOPCreateISP.ISP_IOP_size = IOPLength; IOPCreateISP.ISP_delta_to_ior = (ULONG)&(((pIOP)0L)->IOP_ior); IOPCreateISP.ISP_i_c_flags = ISP_M_FL_MUST_SUCCEED; // Call IOS ILBService(&IOPCreateISP); // // Build our I/O request // // Call IOS to fill in SG descriptors, etc. ILBCriteria(Iop); // Submit request to IOS ILBRequest(Iop, Dcb); // Free our IOP ((PISP)&AllocISP)->ISP_func = ISP_DEALLOC_MEM; ((PISP_mem_dealloc)&AllocISP)->ISP_mem_ptr_da = (ULONG)Iop; ((ILB_internal_request_func)(UMSSPDR_Ilb.ILB_service_rtn))((PISP)&AllocISP); Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47315
  - 15
    - SetPrinterData Dears, I'm building cosumized dll using unidrv model (oemdll example). I used SetPrinterData and GetPrinterData in the UI dll it worked fine, GetPrinterData also worked fine in the customizaion dll of the graphics engine. I'm faceing a problem I tried to use SetPrinterData, or EngSetPrinterData, both return code 5, i guess this means access violation. the code is: dwResult = SetPrinterData(pdev->hPrinter, STDSTR_FONTDATASIZE, REG_DWORD, (PBYTE) &FontSize, sizeof(DWORD)); where FontSize is a DWORD and STDSTR_FONTDATASIZE is defined as follows: #define STDSTR_FONTDATASIZE TEXT("FontDataSize") hPrinter is stored when the driver received the EnablePDEV call, and it worked in GetPrinterData. Please if any body knows what is going around please advise. Best regards, -Amer Malas. Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47314
  - 16
    - questions about inf file I'm new to driver development¡£I want to install an USB device driver to windows2000.But the os always tell me that "there is not hardware information in the position"(I translate it from Chinese). My inf file is: [Version] Signature = "$Windows NT$" Class = USB ClassGuid = {36fc9e60-c465-11cf-8056-444553540000} Provider = %INF_Provider% DriverVer = 06/19/2004,1.00.00.1 [DestinationDirs] DefaultDestDir = 12 [Manufacturer] %MyCo% = MyCompany [MyCompany] %USB\VID_FEAD&PID_0032.DeviceDesc%=InstallMyDev, USB\VID_FEAD&PID_0032 [InstallMyDev] CopyFiles=MyCopyFile AddReg=MyAddReg [MyCopyFile] PowerManage.sys [MyAddReg] HKR,,DriverFlags,0x00010001,0x00000002 [SourceDisksNames] 1 = %File_NAME%,,,\WinNT [SourceDisksFiles] PowerManage.sys = 1 [Strings] INF_Provider = "sotfware of ZhangHe Corporation" MyCo = "hardware of ZhangHe Corporation" USB\VID_FEAD&PID_0032.DeviceDesc = "USB power manage" File_NAME = "Power Manage System File" Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47311
  - 17
    - windows = realtime? Hello, I have posted similar topic some weeks ago and now I want to discuss it further. I'm searching for operating system to meet real-time constraints. I know that windows is not true real time system, but I have found some papers complaining that Windows NT can be used as real time system. It complains that total interrupt latency of NT is about 30 microseconds. That sounds good for me. I found nothing about Win 2000 and XP interrupt latency. Maybe someone knows? I think if I write my apps in Ring0 as kernel mode drivers, then I will have latency as system interrupt latency. So why Windows cant be used as real-time system? Maybe someone have good ideas or links about that. I found it very interesting topic. I have searched through internet and found lots of add-on for linux kernels, but they can guarantee about 30 microseconds latency. Developers complain that these add-ons is real time. So why windows with 30 us latency can't be real time? Thank you for any thoughts. alpha Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47307
  - 18
    - Driver error (I am a newbie at this) I used the function ZwCreateFile in a keyboard driver source code (C language). The DDK linked it well but when I install the driver, reboot and press a key (in the source code I wrote to do ZwCreateFile when I press a key) There is a black screen for about half a second and then it reboots again. I debugged it and now I know that it happens exactly in the ZwCreateFile. When I linked the same source to a normal EXE file the open worked well and there were no runtimes. What it the problem? Can't I use ZwCreateFile in a driver? Wrong parameters maybe? Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47301
  - 19
    - Disable TC Card Driver by script or ...? I need to disable/enable my TV card drivers easily. Is there a chance to do so other than the Device Manager? Actually I am looking for a script or something which I can use as a shortcut. Unfortunately I do not know much about this, but maybe some of the experts can help me out. Regards HW Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47300
  - 20
    - Type3InputBuffer Are there any directions / restrictions on how to use Type3InputBuffer ? thanks, dave Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47290
  - 21
    - memory backed files I want to write to a memory backed file. I create a file - I create a section with the file handle I open a view on the section. Question: It appears that once I've got a section, I just write to the mapped section. Then I close everything up and viola, stuff just shows up on the disk when the MM is done having its way with it. Fine, how big is the file ? There is a MaximumSize arg to ZwCreateSection, and a flag SECTION_EXTEND_SIZE. But how do I guess at a size, then if turns out I did not need so much memory, how do I shrink it down? And conversely, If I need more, how do I grow it? Thanks -- Gak Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47286
  - 22
    - simple HID report descriptor READ response since i have accomplished what my original issue was, i am moving my new issue to a new thread. i am writing a virtual joystick HID device driver and am trying to respond to the read requests. i have the following report descriptor defined: char ReportDescriptor[31] = { 0x05, 0x01, // USAGE_PAGE (Generic Desktop) 0x15, 0x00, // LOGICAL_MINIMUM (0) 0x27, 0x00, 0xfa, 0x00, 0x00, // LOGICAL_MAXIMUM (64000) 0x09, 0x04, // USAGE (Joystick) 0xa1, 0x01, // COLLECTION (Application) 0x05, 0x01, // USAGE_PAGE (Generic Desktop) 0x09, 0x01, // USAGE (Pointer) 0xa1, 0x00, // COLLECTION (Physical) 0x09, 0x30, // USAGE (X) 0x09, 0x31, // USAGE (Y) 0x95, 0x02, // REPORT_COUNT (2) 0x75, 0x40, // REPORT_SIZE (64) 0x81, 0x02, // INPUT (Data,Var, Abs) 0xc0, // END_COLLECTION 0xc0 // END_COLLECTION }; i believe i have the settings correct for REPORT COUNT and REPORT SIZE. in the read processing routine i have the following: ------------------ ULONG readReport[2]; ULONG bytesToCopy = 8; IrpStack = IoGetCurrentIrpStackLocation(Irp); readReport[0] = 15000; readReport[1] = 15000; RtlCopyMemory(Irp->UserBuffer, readReport, bytesToCopy); Irp->IoStatus.Information = bytesToCopy; } ------------ i have left out some code, but this is the meat. am i responding correctly given the above report descriptor? any direction would be much appreciated. garritt Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47280
  - 23
    - Bug check KMODE_EXCEPTION_NOT_HANDLED (1e) FOLLOWUP_IP: drv+5639 b78b7639 83782800 cmp dword ptr [eax+0x28],0x0 What is the 5639 tells me? Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47278
  - 24
    - Device interface classes Hi, Please, help! Where can list of w2k Device interface classes with GUID ? Thanks, Michael Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47273
  - 25
    - Wi-Fi card drivers hallo ALL Can you help me I need drivers for wi-fi card ander win 98. Card is Prism model gl241102 or gl241101 If you have such drifers mail me please(attach this drivers) fb2302@ptf.ntu-kpi.kiev.ua Denis Vergiles Tag: how to develop a firewall to monitor process and protocol Driver Tag: 47269

I mean this:

1. protect process just need tdi filter , tcpip.sys ......

2. how to monitor all protocol driver in the machine??? how sygate
firewall to do it ??
hook registerprotocol ??

3 .if a trojan is a NDIS Intermediate Driver , how to block it and
monitor it ??

ok .thanks a lot

horace

Top