From: Pavel A. on
"hitesh" <hitesh.ughreja(a)gmail.com> wrote in message
news:2456c756-7a25-437f-8f02-8ac425a441b6(a)s36g2000prf.googlegroups.com...
> Hi all,
> We can see any read/write request @ the filter driver stage,
> but is it possible to track the same @ the application layer? I am just
> trying to capture the read/write requests sent by any application.
> If anybody knows it, then please reply to me.
> Thanks,
> Hitesh

Install some hooks in the application, and you'll see the requests.

--pa


From: hitesh on
On Feb 23, 6:23 am, "m" <m...(a)b.c> wrote:
> I agree.  In this case, the OP sounds like he is trying to debug / analyze
> his own program, so I suggested this.  I hope that when he digs into it, he
> will read all of the warnings about how unreliable and dangerous this is in
> general without me repeating them ;)
>
> "Don Burn" <b...(a)stopspam.windrvr.com> wrote in message
>
> news:#u2Z0R8sKHA.1796(a)TK2MSFTNGP02.phx.gbl...
>
>
>
> > Detours will work, but Microsoft releases it for research purposes only.
> > Even then this is a form of hooking and certainly not something most
> > people would want in a commercial product.
>
> > Don Burn (MVP, Windows DKD)
> > Windows Filesystem and Driver Consulting
> > Website: http://www.windrvr.com
> > Blog: http://msmvps.com/blogs/WinDrvr
>
> > "m" <m...(a)b.c> wrote in message news:#kOqmL8sKHA.5936(a)TK2MSFTNGP04.phx.gbl:
>
> >> Search for detours.  I have never used it, but have heard of some using
> >> it
> >> successfully
>
> >> "Kerem Gümrükcü" <kareem...(a)hotmail.com> wrote in message
> >>news:#9o$Zl7sKHA.4920(a)TK2MSFTNGP06.phx.gbl...
>
> >> > What you are looking for is "Hooking",...but
> >> > not really recommended,...
>
> >> > Regards
>
> >> > Kerem
>
> >> > --
> >> > -----------------------
> >> > Beste Grüsse / Best regards / Votre bien devoue
> >> > Kerem Gümrükcü
> >> > Latest Project: http://www.pro-it-education.de/software/deviceremover
> >> > Latest Open-Source Projects: http://entwicklung.junetz.de
> >> > -----------------------
>
> >> > "hitesh" <hitesh.ughr...(a)gmail.com> schrieb im Newsbeitrag
> >> >news:2456c756-7a25-437f-8f02-8ac425a441b6(a)s36g2000prf.googlegroups.com...
>
> >> >> Hi all,
> >> >> We can see any read/write request @ the filter driver stage,
> >> >> but is it possible to track the same @ the application layer? I am just
> >> >> trying to capture the read/write requests sent by any application.
> >> >> If anybody knows it, then please reply to me.
> >> >> Thanks,
> >> >> Hitesh
>

Hi,
It is not exactly that I am trying to hook, but I just wanted to know if
Windows provides its own filter driver APIs which can help and serve
the same purpose or not?
Regards,
Hitesh


From: Tim Roberts on
hitesh <hitesh.ughreja(a)gmail.com> wrote:
>
>It is not exactly that I am trying to hook, but I just wanted to know if
>Windows provides its own filter driver APIs which can help and serve
>the same purpose or not?

No, it does not.
--
Tim Roberts, timr(a)probo.com
Providenza & Boekelheide, Inc.