Archive for the ‘Winsock LSP’ Category

Why Use LSP?

Wednesday, June 9th, 2010

When you consider all of the benefits of being able to manage every information packet, you realize the amount of functions that can be employed.  For instance, you can drop or redirect any packets you choose by setting the logic rules you determine.  So there is no question that Winsock LSP has great value.

Using Winsock LSP, you can run many common applications including scanning emails, website/HTTP redirection, and/or website blocking.  This is all fine and good.  However, there are already other aplications that are also currently performing these tasks.  We already have email scanning applications, and website blocking applications, and redirection applications.

So the question arises:  Why use LSP?

This question must be answered every time that LSP is considered for an application that already has an existing solution.  It may very well be that you choose LSP, but maybe not.  It’s up to you.

Chris

Windows Sockets

Monday, June 7th, 2010

Winsock is simply the shortened form of Windows Sockets and it is the top dog in every network (Windows).  Layered Service Provider is shortened down to LSP and the Winsock LSP is merely a code that allows your application to maneuver itself into the communication stack for the Winsock API.  Winsock LSP can read, intercept, and modify network traffic.

Winsock APIs are simply the application program interfaces.  These facilitate communication for the application network calls and the Windows OS kernel.  Therefore, any message sent through this network gets turned into an application call.  This application call is then fed to the WinSock API. At this point Winsock routes this message through the kernel and to the recipient port.

Since the Winsock LSP is a simply a code, it can be placed anywhere between the applications and the API.  This results in the possibility of any network call/message from the application can be scanned and intercepted.  There are various actions that can be taken based on the data gained and the benefits to the user are immense.

Chris

LSP Problem Solving

Saturday, June 5th, 2010

When you desire to know exactly what LSP programs are currently running on your Windows machine, all you need to do is enter one simple command into a command-line window:

netsh winsock show catalog | more

If you would like to view this in a text file, merely enter:

netsh winsock show catalog >my_lsp.txt

If you are worrying about a possible hacker program or malware, you would be better of using an anti-malware program.  This is probably your best bet for the more detailed information you would require in a true malware infection.

Chris

The Good, The Bad, & The Ugly

Thursday, June 3rd, 2010

The Good

Winsock LSP enhances your security by disabling and malicious network commands.  Furthermore, Quality of Service, stream-based, URL content sniffers, data logging, and stream based network sniffers can all be done with LSP. 

The Bad

Hackers can use LSP as well.  Adware and spyware programs powered by LSP can steal Internet communication.  Hackers can then collect this stolen information;  financial information is not safe from malicious LSP programs and SPAM authors can use the private information in their SPAM campaigns. 

The Ugly

Improperly installed or buggy LSP programs can corrupt and damage the Winsock catalog with the Windows registry.  The same is true for any LSP program that does not register itself properly.  This causes a loss of network connections.

Chris

Winsock LSP Introduction

Tuesday, June 1st, 2010

Winsock LSP (Windows Socket Layered Service Provider) is a part of the Service Provider Interface.  This interface is very easily one of the very least comprehended aspects of Winsock2.  There is a great scarcity of quality information online about Winsock LSP.

A program that is incorporating LSP will use the Windows DLL file and Winsock API to place itself into the communication stack.  It will have the ability to read, modify, and intercept network communication.  This includes both communication coming to and from the system.

The uses for this type of program within a Microsoft OS are extremely far reaching.  Of course, it can cause as much harm as good.  As they say, “With much power comes much responsibility.”

Chris