I want to check what applications do and maybe dont acces them to specified notwork (i have an idea to have 3 logical networks 192.168.x.x 172.22.x.x and 10.10.x.x for example). eg. i dont want to allow processes that use inet to use 192.168.x.x
I want to hook their functions to block or allow them to acces to network. I use madCHook.dll to hook apis and inject my code (located in dll) into their process.
But i dont know what apis i should use?
ws2_32.dll!WSAAccept
ws2_32.dll!bind?
IE use bind, but it binds with ip 127.0.0.1 and 0.0.0.0 some application do not use bind.
What i should do?
I was thinking that i must hook something from ntdll.dll but i cant find anything.
Regards
I want to hook their functions to block or allow them to acces to network. I use madCHook.dll to hook apis and inject my code (located in dll) into their process.
But i dont know what apis i should use?
ws2_32.dll!WSAAccept
ws2_32.dll!bind?
IE use bind, but it binds with ip 127.0.0.1 and 0.0.0.0 some application do not use bind.
What i should do?
I was thinking that i must hook something from ntdll.dll but i cant find anything.
Regards