在窗口服务中运行的应用程序检查器 [英] Application Checker Running In Window Services

问题描述

我需要一个窗口服务下的应用程序，用于检查Web浏览器或p2p是否正在运行.如果是，那么我需要查询数据库以查看它是否具有权限.如果它确实是故事的结尾，那么没有权限，那么我将继续监视下载.
如果发生下载，那么我需要找出它是哪种文件，并采取适当的措施.任何帮助表示赞赏.谢谢！


我可以监视窗口进程.但是如何提取信息以编写逻辑?

I need an application under window services that checks if a web browser or a p2p is running. If it is then I need to query a database to see if it has permission. If it does then end of story, No permission then I''ll continue to monitor for downloads.
If a download happens then I need to find out what kind of file it is and take appropriate action. Any help is appreciated. Thank you!


I can monitor window process. but how do you pull the info to write logic?

推荐答案

您承担了相当大的项目.

这都是在防火墙类型的服务器中完成的，而不是在每个客户端上运行的.您无需查找在工作站上运行的可执行文件.您正在寻找试图通过防火墙的流量.

要找出文件是什么(您不能依赖文件名和扩展名！)，您将不得不使用试探法来识别流量中的内容.问题是加密流量.无法确定其中的内容，因此，您最好的方法就是观察正在请求哪些端口.

顺便说一句:这些都是现成的东西.您只是通过尝试自己编写轮子来重新发明轮子.在您开始讨论那些花钱的事"之前，您一小时能得到多少报酬，您认为需要多长时间才能编写自己的代理服务器/防火墙?我敢打赌，对于您来说，写它要比买它要贵得多.

You''ve taken on quite a huge project.

This is all accomplished in a firewall type server, not something running on each client. You don''t look for executables running on a workstation. You look for its traffic trying to get through your firewall.

To find out what the file is (you cannot rely on filenames and extension!) you would have to use heuristics to learn to identify whats in the traffic. The problem is encrypted traffic. There''s no way to determine what''s inside that stuff, so the best you''ve got is to watch for which ports are being requested.

BTW: This is all off-the-shelf stuff. You''re just re-inventing the wheel by trying to write it yourself. And before you start with the "those things cost money" argument, how much do you get paid an hour and how long do you think it''s going to take you to write your own proxy server/firewall?? I''ll bet it''s far more expensive for you to write it than buy it.

这篇关于在窗口服务中运行的应用程序检查器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！