0

I need to implement in a existing application a new feature that records any unusual network activity in the computer.

I do not want to block or intervene any connection, just filter these according to specific criteria and log the "unusual" connections.

It is absolutely necessary that does not require some sort of sniffer-like application installed. Because of that I wanted to know if it is possible to access the data that the "Windows resource monitor" shows.

In the search for something similar, I found the "PerformanceCounter" class Here, but I could not find enough information about which categories and counters must I use.

I found a similar problem Here that has already been solved, but only shows memory and cpu usage.

I really appreciate it if anyone can help me, thanks.

Community
  • 1
  • 1
MarioFinale
  • 1
  • 3

1 Answers1

1

It it discussed here on technet. Basically they advise to use ETW (Event Tracing for Windows) to grammatically access the same data exposed in Resource Monitor. If you google a little bit it seems that there are some .NET wrappers to access this API.

You might also look into WMI (Windows Management Instrumentation) which may have classes for network activity.

Robin Mackenzie
  • 14,370
  • 7
  • 36
  • 44