The guy can show the process that owns the TCP/UDP socket.
There is undocumented function in iphlpapi.dll called AllocateAndGetTcpExTableFromStac() that will do the same as GetTcpTable() except that it also returns process ID.
But I have Windows 2000 and iphlpapi.dll on my computer does not have that function, I've used GetProcAddress().
How is he able to show the process ID when that function isn't availible?
I sent a nice e-mail to the author 3 days ago asking how he does it, but no reply.
Question
Tobbe
Check this app:
http://www.sysinternals.com/ntw2k/source/tcpview.shtml
The guy can show the process that owns the TCP/UDP socket.
There is undocumented function in iphlpapi.dll called AllocateAndGetTcpExTableFromStac() that will do the same as GetTcpTable() except that it also returns process ID.
But I have Windows 2000 and iphlpapi.dll on my computer does not have that function, I've used GetProcAddress().
How is he able to show the process ID when that function isn't availible?
I sent a nice e-mail to the author 3 days ago asking how he does it, but no reply.
Link to comment
Share on other sites
10 answers to this question
Recommended Posts