How to sniff local outgoing network traffic in .NET without using PCap?

c# .net networking sniffing
21,221

Solution 1

What you want is the Network Monitor API. More here and here.

Solution 2

I use smsniff from NIRSOFT. You need to be admin on the machine to sniff any traffic.

http://www.nirsoft.net/utils/smsniff.html

I have never seen .net used to sniff traffic. But maybe NetMon from Microsoft has a COM interface you call from .Net

But as always you need to be admin to sniff traffic, since it is needed to put the NIC in promiscuous mode.

Share:
21,221
Hendrik Wiese
Author by

Hendrik Wiese

I'm a hobbyist developer. I write programs and applications just for fun, to gain experience, to learn and for the sense of achievement. Furthermore I was a software developer for a well-known company a few years ago. Presently, I'm studying mechatronics.

Updated on August 19, 2020

Comments

  • Hendrik Wiese
    Hendrik Wiese over 3 years

    I'd like to somehow hook into the local system's network stack to capture outgoing network packets without using Winpcap. Unfortunately it tends to crash my system every now and then.

    Is there a way to "sniff" outgoing traffic of the local system from a user space process written in a .NET language?

  • Hendrik Wiese
    Hendrik Wiese almost 14 years
    Getting admin rights shouldn't be an issue since the program I'm working on is primarily for my own use. Well, if someone else would like to have a proggy that traces HTTP requests to specific filetypes and, after finding such a request, offers a way to actually download those files (like videos, mp4, flv) I'm sure I can make it public somewhere down the road. I don't want to go through the all the mess of writing a fully functional HTTP proxy, so sniffing is the only alternative.
  • ggonsalv
    ggonsalv almost 14 years
    Try fiddler as a HTTP debugging proxy. IT rulez fiddler2.com/fiddler2
  • Hendrik Wiese
    Hendrik Wiese almost 14 years
    Yes, Fiddler is great. I'm using FiddlerCore to trace the HTTP requests with my application by now. But I'd really like to capture them independently from the proxy settings of the browsers.
  • Diego Vieira
    Diego Vieira about 11 years
    Hi Mike, link for NMCaptureData is dead. Thanks
  • Mike Atlas
    Mike Atlas about 11 years
    Too bad, I updated my post to something I found that looks relevant (another example of a C# project using the NM API).

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Windows Service cannot access network location (UNC) Path
Monitoring outgoing internet traffic
WCF - The socket connection was aborted
Get a list of all computers on a network w/o DNS
Get name of network that a network interface is connected to
How to determine which network adapter is connected to the internet
How can one simplify network byte-order conversion from a BinaryReader?
How do you parse an IP address string to a uint value in C#?
How to determine if the tcp is connected or not?
Retrieve process network usage