I'd like to somehow hook into the local system's network stack开发者_StackOverflow社区 to capture outgoing network packets without using Winpcap. Unfortunately it tends to crash my system every now and then.
Is there a way to "sniff" outgoing traffic of the local system from a user space process written in a .NET language?
What you want is the Network Monitor API. More here and here.
I use smsniff from NIRSOFT. You need to be admin on the machine to sniff any traffic.
http://www.nirsoft.net/utils/smsniff.html
I have never seen .net used to sniff traffic. But maybe NetMon from Microsoft has a COM interface you call from .Net
But as always you need to be admin to sniff traffic, since it is needed to put the NIC in promiscuous mode.
精彩评论