I need my program to check if a given Windows process is abusing the network. I would like to enumerate the process's TCP and UDP sockets, and see how much data they transferred during a given period.

Is there a C or .NET API that can provide such info?

A: 

You might look at WinPcap. http://www.winpcap.org/

A C# .NET version is available in SharpPcap. http://www.tamirgal.com/blog/page/SharpPcap.aspx

Totty
A: 

On Win2k, you can use GetTcpTable(), GetTcp6Table(), GetUdpTable(), and GetUdp6Table() to locate all of the active socket connections. But to match them to specific process IDs, you would have to manually enumerate the system's open handles looking for TCP/UDP handles, and then query the process information from them.

On XP, you can use AllocateAndGetTcpExTableFromStack() and AllocateAndGetUdpExTableFromStack(), which can return process IDs with each socket connection.

On XP SP2 and later, you can use GetExtendedTcpTable() and GetExtendedUdpTable(), which can return process IDs with each socket connection as well.

Remy Lebeau - TeamB
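
An added example (not code from either answer) of the XP SP2+ route: it calls GetExtendedTcpTable() with TCP_TABLE_OWNER_PID_ALL and walks the returned rows for one PID. The non-Windows typedefs, `SAMPLE_TABLE`, `port_of` and `tcp_rows_for_pid` are names made up for this sketch so the table walker can also be compiled and checked off Windows.

```c
#include <stdio.h>
#include <stdlib.h>
#ifdef _WIN32
#include <winsock2.h>
#include <iphlpapi.h>              /* link with iphlpapi.lib */
#else                              /* elsewhere: mirror the documented row layout */
#include <stdint.h>
typedef uint32_t DWORD;
typedef struct { DWORD dwState, dwLocalAddr, dwLocalPort,
                 dwRemoteAddr, dwRemotePort, dwOwningPid; } MIB_TCPROW_OWNER_PID;
typedef struct { DWORD dwNumEntries; MIB_TCPROW_OWNER_PID table[1]; } MIB_TCPTABLE_OWNER_PID;
#endif

/* Constructed sample: count, then rows of (state, laddr, lport, raddr, rport, pid). */
static const DWORD SAMPLE_TABLE[] = { 3,
    2, 0x0100007F, 0x5000, 0, 0, 1234,                 /* LISTEN :80,  pid 1234 */
    2, 0,          0xBB01, 0, 0, 4321,                 /* LISTEN :443, pid 4321 */
    5, 0x0100007F, 0x901F, 0x0100007F, 0x5000, 1234 }; /* ESTAB :8080 -> :80   */

/* Ports sit in the low 16 bits of the DWORD, in network byte order. */
static unsigned port_of(DWORD raw) {
    return (unsigned)(((raw & 0xFF) << 8) | ((raw >> 8) & 0xFF));
}

/* Count the rows owned by pid; when show is non-zero, print each one. */
unsigned tcp_rows_for_pid(const MIB_TCPTABLE_OWNER_PID *t, DWORD pid, int show) {
    unsigned n = 0;
    for (DWORD i = 0; i < t->dwNumEntries; i++) {
        const MIB_TCPROW_OWNER_PID *r = t->table + i;
        if (r->dwOwningPid != pid) continue;
        n++;
        if (show) printf("pid %u state %u local port %u remote port %u\n",
                         (unsigned)pid, (unsigned)r->dwState,
                         port_of(r->dwLocalPort), port_of(r->dwRemotePort));
    }
    return n;
}

#ifdef _WIN32
int main(int argc, char **argv) {
    DWORD pid = argc > 1 ? (DWORD)strtoul(argv[1], NULL, 10) : GetCurrentProcessId();
    DWORD size = 0, rc;
    MIB_TCPTABLE_OWNER_PID *t = NULL;
    /* The table can grow between calls, so retry while the buffer is too small. */
    while ((rc = GetExtendedTcpTable(t, &size, FALSE, AF_INET,
                                     TCP_TABLE_OWNER_PID_ALL, 0)) == ERROR_INSUFFICIENT_BUFFER) {
        free(t);
        if (!(t = malloc(size))) return 1;
    }
    if (rc != NO_ERROR) { free(t); return 1; }
    printf("%u IPv4 TCP sockets\n", tcp_rows_for_pid(t, pid, 1));
    free(t);
    return 0;
}
#endif
```

This covers only the enumeration half of the question; it does not measure how much data each socket transferred.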