I am going to build a sort of personal firewall for Windows. I've found some articles on this subject on the Net, including some questions here on StackOverflow. But all they mean to control protocols, addresses and ports. It is as well important for me to control on per-application basis. Any suggestions on where to look?
views:
44answers:
1
+3
A:
GetExtendedTcpTable with a TCP_TABLE_CLASS
parameter of TCP_TABLE_OWNER_MODULE_CONNECTIONS
will give you all the connected endpoints and the owning process id.
You can pass the table row to GetOwnerModuleFromTcpEntry to get the module name and path.
Mark Brackett
2010-05-16 01:36:17