Hello, I have a question regarding NDIS hooking as it is presented in the sample. I’m currently writing a firewall for windows and my software has to be “Windows XP Certified”. If I’m using the standard modification of the NDIS export table in memory, will I be Windows XP Certified?…
Hardly likely that NDIS-hooking driver can be WHQL, but I don’t know for sure. In any case the question of certification is usually the question of money you can pay for it. In order to avoid additional problems I think you will need to create NDIS IM driver for XP if you really need certication.
thank you for your help. I would like to know if someone knows here – what technique use sygate, zonealarm, mcafee and othere known firewalls? I seriously doubt they use ndis IM driver. Sygate si tell to use an intermediate driver teefer.sys, but I doubt it is a real ndis intermediate driver once it detects protocol driver registrations and so on. Do they have WHQL certification?
The firewalls you have mentioned use NDIS-hooks and I don’t think that their drivers are WHQL certified. An example, ZoneAlarm uses technology based on some undocumented NDIS structures which can be changed by MS anytime. Do you think that such driver can be WHQL? However, NDIS hooks is still the most effective way to desigh the firewall kernel, and that fact that MS officially don’t recommend this is not enough to stop using it.
We tried to get certified our NDIS hook driver.
Negative. They explained us, that hooking is bad and may cause bad things … So if you wanna get certified you should find alternative way.
Hello, I have a question regarding NDIS hooking as it is presented in the sample. I’m currently writing a firewall for windows and my software has to be “Windows XP Certified”. If I’m using the standard modification of the NDIS export table in memory, will I be Windows XP Certified?…