Snooping TCP packets arriving at a particular port
Posted on 2009-04-14
Is there a way to sniff TCP packets arriving at a particular port in Windows? I see that the WinPcap library provides interface to sniff all the raw packets, however I would just like to sniff a part of that traffic for efficiency reasons.
Another way to accomplish sniffing would be to create a TCP socket, bind to the port number and source IP address and read data from the socket without actually connecting to the remote peer. Another application running on the same machine has established a connection with the remote peer. Since TCP is a connection oriented protocol, will this be allowed?