locked
How to capture CIFS packets coming from remote machine using WFP? RRS feed

  • Question

  • Hi!

    I want to capture all the CIFS packets coming from a remote machine. And fulfill that request by getting the data from some other machine.
    For example, if a read SMB comes, i will inject a new packet  in the network (or make a new network call) to get the data from the other machine, and then complete the original request with the data received.

    My questions:
    1. Which layer should i choose for my callout driver?
    2. Is it possible to inject a packet to get the data from other machine?

    Thanks,
    Ayush
    Thursday, February 5, 2009 10:18 AM

Answers

  • By CIFS do you mean SMB over IP traffic (TCP Port 445) ?

    In your case does the system listening for such traffic? (e.g. Print & Fire Share enabled)

    Biao.W.
    Wednesday, February 11, 2009 3:58 AM