[p2p-hackers] Measure per-application bandwidth in Win32

David Barrett dbarrett at quinthar.com
Fri Jun 16 19:24:42 UTC 2006


Thanks Alex.  All good suggestions, though I agree they're a bit on the
fringe.  The process injection technique is especially clever.

I was hoping you'd know of a secret undocumented "GetProcessNetStatistics"
function, but alas, it doesn't appear to exist.

-david

> -----Original Message-----
> From: p2p-hackers-bounces at zgp.org [mailto:p2p-hackers-bounces at zgp.org] On
> Behalf Of Alex Pankratov
> Sent: Friday, June 16, 2006 8:47 AM
> To: Peer-to-peer development.
> Subject: Re: [p2p-hackers] Measure per-application bandwidth in Win32
> 
> I am not aware of any Win32 API that does what you are asking
> for and I would be surprised if there's such functionality.
> 
> I can think of three ways of doing what you want though, all
> are pretty hacky and fairly complex.
> 
> Option (a) is to inject your traffic accounting DLL into each
> process using CreateRemoteThread trick (see injLib for details)
> and hook send/recv/etc functions. This is not hard to do, but
> requires some voodoo magic for taking care of freshly spawned
> processes.
> 
> Option (b) involves writing TDI driver or doing some sort of
> hooking at TDI level. That's I think how TCPView works.
> 
> Option (c) is to write generic driver that does NDIS hooking
> to get an access to network data at TCP/IP level. You will be
> able to trace Send requests back to the calling application,
> but you will need to create and maintain the state to deduce
> who Receives are for.
> 
> Alex
> 
> David Barrett wrote:
> > Do you know of any way to break down current bandwidth usage by
> application?
> >
> >
> >
> > For example, is there some application like netstat or Sysinternal's
> > TCPview that not only shows which connections are currently active (and
> > to which processes they belong), but how much bandwidth they are
> > actually using?
> >
> >
> >
> > Alternatively, do you know of any Win32 API functions that could be used
> > to write such a utility?
> >
> >
> >
> > -david
> >
> >
> >
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > p2p-hackers mailing list
> > p2p-hackers at zgp.org
> > http://zgp.org/mailman/listinfo/p2p-hackers
> > _______________________________________________
> > Here is a web page listing P2P Conferences:
> > http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences
> _______________________________________________
> p2p-hackers mailing list
> p2p-hackers at zgp.org
> http://zgp.org/mailman/listinfo/p2p-hackers
> _______________________________________________
> Here is a web page listing P2P Conferences:
> http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences




More information about the P2p-hackers mailing list