I'm currently making an application that analyzes network packets on a Windows system. I have no problems monitoring the packets, but I'm having a hard time finding the source application of the packet (on the local system).
Applications such as NetLimiter are able to tell where a specific packet originated from.
Does anyone know how to achieve this? How can one find the process that sent the packet?
I know one can do this on WinXP (and later) systems with the undocumented AllocateAndGet(Tcp/Udp)ExTableFromStack() API function, but how does one achieve it on Win2k systems?
Huge thanks in advance,