I want to see what kind of connections any program is doing, which port and see the program exe path 开发者_如何转开发etc.
I'm trying to achieve some sort of firewall notification system, it would pop up a window for me to tell that this and that port needs to be opened in order the program could work properly.
How do i get started on this?
You'll need to hook the socket API for each process you're willing to provide this functionality, or write a filter using WFP and a client application that receive the informations from your filter and shows a notification window.
Check out Windows Filtering Platform (WFP) API. Not sure how you correlate network activity to applications, but this is the correct place for you to intercept it.
netstat /o gives you the process id for each network connection, and netstat /b gives you the executable name.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论