Packet Analyzing


Halloko
02-27-2005, 08:50 PM
I'm currently making an application that analyzes network packets on a Windows system. I have no problems monitoring the packets but I'm having a hard time finding the source application of the packet (on the local system).

Applications such as NetLimiter are able to tell where a specific packet originated from.
Does anyone know how to achieve this? How can one find the process that sent the packet?
I know one can do this in WinXP (and later) systems with the undocumented AllocateAndGet(Tcp/Udp)ExTableFromStack() API function, but how does one achieve it on Win2k systems?

Huge thanks in advance,

Dr. Evil
02-28-2005, 10:54 AM
Would the source of NMap help to shed any light on this problem? It's available for free.

Halloko
02-28-2005, 06:01 PM
Hmm, had a look at the screenshots and the description of the app. It seems it's not displaying application info but rather just ordinary packet info (provided through the WinPCap library).

I'll have a look when I get home, though. :thumbsup:

Any other ideas, mateys? :)