10-24-2006, 02:11
D-Jester
I would suggest looking into WinPcap (http://www.winpcap.com), which is a Packet Capture Library for Windows, and is open source.

Tools like Ethereal, Wireshark, Nmap, Snort, ntop use WinPcap.

Whether or not you can use it without Admin priv is a good question.

(From FAQs):
-------------------------------------------------------------------------
Q-7: Do I need to be Administrator in order to execute programs based on WinPcap on Windows NT/2000/XP?

A: Yes/no. The security model of WinPcap is quite poor, and we plan to work on it in the future. At the moment, if you execute a WinPcap-based application for the first time since the last reboot, you must be administrator. At the first execution, the driver will be dynamically installed in the system, and from that moment every user will be able to use WinPcap to sniff the packets.

-------------------------------------------------------------------------

I suppose it is possible to bypass Windows security measures and install the driver, but that's not my speciality ;-)
__________________
Even as darkness envelops and consumes us, wrapping around our personal worlds like the hand that grips around our necks and suffocates us, we must realize that life really is beautiful and the shadows of despair will scurry away like the fleeting roaches before the light.