[Winpcap-users] Packet From Application?

Gianluca Varenni gianluca.varenni at cacetech.com
Tue Aug 4 16:37:52 PDT 2009


As Guy already pointed out, there is no way for WinPcap to know which application generated a packet on a remote host, simply because that information is *not* there. 
You will need to dissect the packets to get the Login/Password/whatever other information is carried by the packets. WinPcap just provides you the raw frames.

Have a nice day
GV

  ----- Original Message ----- 
  From: tran thanh 
  To: winpcap-users at winpcap.org 
  Sent: Friday, July 31, 2009 7:48 PM
  Subject: Re: [Winpcap-users] Packet From Application?


  Dear Varenni,

  I have a DataBase on the Server (I'm using Sql Server 2005),
  I want to known which application from the Client connect to Sql Server,
  In this case the Application didn't run on the same machine with Winpcap. 

  And I have a problem is when I login to the SQL Server 
  I have captured several packets, 
  As I know these packets is the Pre-Login and Login Message between Server and Client
  Can I get the LoginName, Password, Client Machine Name (or User Login) from these packets?
  If it can be, please show me how?

  Regards,
  Tran Bach Thanh!



------------------------------------------------------------------------------


  _______________________________________________
  Winpcap-users mailing list
  Winpcap-users at winpcap.org
  https://www.winpcap.org/mailman/listinfo/winpcap-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.winpcap.org/pipermail/winpcap-users/attachments/20090804/51e49778/attachment.html 


More information about the Winpcap-users mailing list