| Development Toolkits | |
| Windows Packet Filter Kit | WinpkFilter is a high performance packet filtering framework for Windows 9x/ME/NT/2000/XP/2003/Vista/2008/Windows 7/2008R2 that allows developers to transparently filter (view and modify) raw network packets with minimal impact on network activity without having to write low level TDI or NDIS driver code. WinpkFilter is more than just a firewall development kit for Windows. Wide range of solutions can be implemented using WinpkFilter: custom firewalls, internet connection sharing (NAT), IP shaper, VPN and many other low-level network solutions completely in user-mode using your favorite development environment: Visual C++, Delphi, C++ Builder, Visual Basic and etc. Using WinpkFilter requires no experience in kernel mode programming on your behalf since WinpkFilter provides you with powerful user level API. However, if you need to implement your solution (to achieve better performance) in kernel mode you can use well-documented raw IOCTL interface as well. |
| Virtual Disk SDK | Virtual Disk SDK is a library for software developers that allows to create virtual drives and disks, format them to FAT or NTFS or other file system, and mount as if they were physical devices without having to write low level driver code. Using Virtual Disk SDK requires no experience in kernel mode programming on your behalf since Virtual Disk SDK provides you with powerful user level API. |
| Local Network Monitor API | Local Network Monitor API is a high performance application-level network requests filtering framework for Windows NT/2000/XP/2003/Vista/7, that lets you control IP-family protocols activity on your local system in a real-time. API works at the Transport Driver Interface (TDI) level of networking operations in the operating system kernel and allows to view and control (block) application-level network activity. Local Network Monitor API is available for developing application-level network sniffers, traffic analyzers, traffic, meters, application network troubleshooting tools, firewalls, etc. |
| Network & Security | |
| NeT Firewall | NeT Firewall is a comprehensive stateful firewall solution built to protect Windows-based systems not currently protected by a firewall. Stateful inspection technology tracks each packet traversing the firewall and makes sure that they are legitimate. A stateful inspection firewall also monitors the state of the connection and compiles the information in a state table ensuring that the source and destination of each packet is valid. NeT Firewall is more secure than application-based personal firewalls, yet less expensive than high-end firewalls, providing comprehensive intrusion protection. |
| Local Network Monitor | Local Network Monitor is an application that lets you monitor and control network activity of TCP/IP protocol stack on your local system in a real-time. It monitors activity at the Transport Driver Interface (TDI) level of networking operations in the operating system kernel and intended for tracking down network-related configuration problems and analyzing application network troubleshooting, investigating and blocking suspicious network activity. Local Network Monitor lets you obtain detailed statistics on the applications network requests and amount of data sent and received over a connection and view the packet's content, which makes it a useful tool for performance diagnostics. |
| Virtual Network Interface - VirtNet | VirtNet is a dummy virtual network interface which can be used for various purposes (dummy network interface for some network application which requires the network card to work, virtual loopback adapter, virtual interface for routing some specific connections which is to be captured by packet filtering framework and etc..). |
| NeT Firewall Easy Go | NeT Firewall Easy Go is light version of NeT Firewall. In addition it also implements application packet level filtering rules and provides interface for average user. |
| System utilities | |
| Device Filter | DevFilter is a universal software bus analyzer for capturing device I/O that allows you to monitor all I/O request packets (IRP's) on your system, fast I/O requests and capture each request input and output data. It shows you all kernel-mode drivers installed on your Windows NT/2000/XP/2003 system and device objects created by these drivers. It also allows you to hook any of these devices (not more than 10 simultaneously by default) and monitor all requests to the selected devices that are delivered to their dispatch table. Please, note that it hooks a selected device, but not the one which can be above this device. This approach allows you to see the IRP path down the device stack, for example, to check if it was blocked by an upper level filter. All request input and output data are converted into request-associated structures or represented as a hexadecimal data dump. |
| SysView | This utility shows you some essential system information, such as loaded modules, processes (and associated modules), processor information, memory allocation granularity and etc.. |
| Crypto & Security | |
| Merge Streams | This utility shows you how merge MS Word streams and MS Excel Workbook stream . It can hide MS Excel document inside MS Word document or vice versa. If you wish to transparently hide some important documents inside old financial reports this is for you. It does not implement any crypto and is not secured enough, but like a smart trick. |
| WinpkFilter Advanced Samples | |
| Internet Gateway | This is a single threaded WinpkFilter based Internet Connection sharing solution provided with complete source code*. It implements simple TCP and UDP dynamic NAT, what allows you to share the single Internet connection over your home network providing the major Internet services (e-mail, WWW, FTP** and etc...). |
| Ethernet Bridge |
This is a small utility (driver and GUI configuration tool) for MAC level bridging TCPIP bound network interfaces (based on NDIS-hooking technology for Windows 2000/XP/2003). It can be used, an example, with OpenVPN in its bridging mode, especially with the server-end running on a Windows 2000 machine (which misses native bridging available since Windows XP) or just for bridging wireless and wired Ethernet when IP address space can't be divided into subnets. |
Copyright © NT Kernel Resources, 2000-2009. Design & Programming by Multi Service