翻訳と辞書
Words near each other
・ Layer of rods and cones
・ Layer Pyramid
・ Layer Road
・ Layered account
・ Layered clothing
・ Layered double hydroxides
・ Layered drink
・ Layered graph drawing
・ Layered hair
・ Layered hidden Markov model
・ Layered Image File Format
・ Layered intrusion
・ Layered Model of Regulation
・ Layered queueing network
・ Layered security
Layered Service Provider
・ Layered system
・ Layered, Inc.
・ Layering
・ Layering (disambiguation)
・ Layering (finance)
・ Layering (linguistics)
・ LayerOne
・ Layers (digital image editing)
・ Layers of Lies
・ Layers of Live
・ Layerthorpe
・ LayerWalker
・ Layes Abdullayeva
・ Layette


Dictionary Lists
翻訳と辞書 辞書検索 [ 開発暫定版 ]
スポンサード リンク

Layered Service Provider : ウィキペディア英語版
Layered Service Provider (LSP) is a deprecated feature of the Microsoft Windows Winsock 2 Service Provider Interface (SPI). A Layered Service Provider is a DLL that uses Winsock APIs to attempt to insert itself into the TCP/IP protocol stack. Once in the stack, a Layered Service Provider can intercept and modify inbound and outbound Internet traffic. It allows processing of all the TCP/IP traffic taking place between the Internet and the applications that are accessing the Internet (such as a web browser, the email client, etc.). For example, it could be used by malware to redirect web browers to rogue websites, or to block access to sites like Windows Update. Alternatively, a computer security program could scan network traffic for viruses or other threats. The Winsock ''Service Provider Interface (SPI)'' API provides a mechanism for layering providers on top of each other. Winsock LSPs are available for a range of useful purposes, including parental controls and Web content filtering. The parental controls web filter in Windows Vista is an LSP. The layering order of all providers is kept in the Winsock Catalog.==Details==Unlike the well-known Winsock 2 API, which is covered by numerous books, documentation, and samples, the Winsock 2 SPI is relatively unexplored. The Winsock 2 SPI is implemented by network transport service providers and namespace resolution service providers. The Winsock 2 SPI can be used to extend an existing transport service provider by implementing a Layered Service Provider. For example, Quality of Service (QoS) on Windows 98 and Windows 2000 is implemented as an LSP over the TCP/IP protocol stack. Another use for LSPs would be to develop specialized URL filtering software to prevent Web browsers from accessing certain sites, regardless of the browser installed on a desktop. The Winsock 2 SPI allows software developers to create two different types of service providers—transport and namespace. Transport providers (commonly referred to as protocol stacks) are services, which supply functions that set up connections, transfer data, exercise flow control, error control, and so on. Namespace providers are services that associate the addressing attributes of a network protocol with one or more human-friendly names and enable protocol-independent name resolution. The SPI also allows you to develop two types of transport service providers—base and layered service providers.Base service providers implement the actual details of a transport protocol: setting up connections, transferring data, and exercising flow control and error control. Layered service providers implement only higher-level custom communication functions and rely on an existing underlying base provider for the actual data exchange with a remote endpoint.Winsock 2 LSPs are implemented as Windows DLLs with a single exported entry function, ''WSPStartup''. All other transport SPI functions are made accessible to ws2_32.dll or an upper chain layered provider via the LSP's dispatch table. LSPs and base providers are strung together to form a protocol chain. The LSP DLL has to be registered using a special LSP registrant which instructs Winsock 2, the loading order of the LSPs (there can be more than one LSP installed) and which protocols to intercept.LSPs work by intercepting Winsock 2 commands before they are processed by ws2_32.dll; they can therefore modify the commands, drop a command, or just log the data which makes them a useful tool for malware, network filters, network intercepters, and stream based sniffers. Sniffing network traffic through LSP can sometimes be troublesome since anti-virus vendors typically flag such activity as malicious — a network packet analyzer is therefore a better alternative for capturing network traffic. A feature of LSP and Winsock proxy sniffing is that they allow traffic to be captured from a single application and also enable traffic going to localhost (127.0.0.1) to be sniffed on Windows.<ref>("Proxocket - A Winsock Proxy Sniffer", NETRESEC Network Security Blog, 2011 )</ref>There are two kinds of LSP: IFS and non IFS LSP. Currently most LSPs on the market are non IFS. The difference between the two LSPs is that non IFS LSPs modify the socket handle to a non valid Windows IFS handle and therefore the LSP must implement all Winsock 2 methods. IFS LSPs, on the other hand, preserve the socket handle, which allows the LSP to implement only the functions it wants to intercept.
Layered Service Provider (LSP) is a deprecated feature of the Microsoft Windows Winsock 2 Service Provider Interface (SPI). A Layered Service Provider is a DLL that uses Winsock APIs to attempt to insert itself into the TCP/IP protocol stack. Once in the stack, a Layered Service Provider can intercept and modify inbound and outbound Internet traffic. It allows processing of all the TCP/IP traffic taking place between the Internet and the applications that are accessing the Internet (such as a web browser, the email client, etc.). For example, it could be used by malware to redirect web browers to rogue websites, or to block access to sites like Windows Update. Alternatively, a computer security program could scan network traffic for viruses or other threats. The Winsock ''Service Provider Interface (SPI)'' API provides a mechanism for layering providers on top of each other. Winsock LSPs are available for a range of useful purposes, including parental controls and Web content filtering. The parental controls web filter in Windows Vista is an LSP. The layering order of all providers is kept in the Winsock Catalog.
==Details==
Unlike the well-known Winsock 2 API, which is covered by numerous books, documentation, and samples, the Winsock 2 SPI is relatively unexplored. The Winsock 2 SPI is implemented by network transport service providers and namespace resolution service providers. The Winsock 2 SPI can be used to extend an existing transport service provider by implementing a Layered Service Provider. For example, Quality of Service (QoS) on Windows 98 and Windows 2000 is implemented as an LSP over the TCP/IP protocol stack. Another use for LSPs would be to develop specialized URL filtering software to prevent Web browsers from accessing certain sites, regardless of the browser installed on a desktop.
The Winsock 2 SPI allows software developers to create two different types of service providers—transport and namespace. Transport providers (commonly referred to as protocol stacks) are services, which supply functions that set up connections, transfer data, exercise flow control, error control, and so on. Namespace providers are services that associate the addressing attributes of a network protocol with one or more human-friendly names and enable protocol-independent name resolution. The SPI also allows you to develop two types of transport service providers—base and layered service providers.
Base service providers implement the actual details of a transport protocol: setting up connections, transferring data, and exercising flow control and error control. Layered service providers implement only higher-level custom communication functions and rely on an existing underlying base provider for the actual data exchange with a remote endpoint.
Winsock 2 LSPs are implemented as Windows DLLs with a single exported entry function, ''WSPStartup''. All other transport SPI functions are made accessible to ws2_32.dll or an upper chain layered provider via the LSP's dispatch table. LSPs and base providers are strung together to form a protocol chain. The LSP DLL has to be registered using a special LSP registrant which instructs Winsock 2, the loading order of the LSPs (there can be more than one LSP installed) and which protocols to intercept.
LSPs work by intercepting Winsock 2 commands before they are processed by ws2_32.dll; they can therefore modify the commands, drop a command, or just log the data which makes them a useful tool for malware, network filters, network intercepters, and stream based sniffers. Sniffing network traffic through LSP can sometimes be troublesome since anti-virus vendors typically flag such activity as malicious — a network packet analyzer is therefore a better alternative for capturing network traffic.

A feature of LSP and Winsock proxy sniffing is that they allow traffic to be captured from a single application and also enable traffic going to localhost (127.0.0.1) to be sniffed on Windows.<ref>("Proxocket - A Winsock Proxy Sniffer", NETRESEC Network Security Blog, 2011 )</ref>
There are two kinds of LSP: IFS and non IFS LSP. Currently most LSPs on the market are non IFS. The difference between the two LSPs is that non IFS LSPs modify the socket handle to a non valid Windows IFS handle and therefore the LSP must implement all Winsock 2 methods. IFS LSPs, on the other hand, preserve the socket handle, which allows the LSP to implement only the functions it wants to intercept.

抄文引用元・出典: フリー百科事典『 There are two kinds of LSP: IFS and non IFS LSP. Currently most LSPs on the market are non IFS. The difference between the two LSPs is that non IFS LSPs modify the socket handle to a non valid Windows IFS handle and therefore the LSP must implement all Winsock 2 methods. IFS LSPs, on the other hand, preserve the socket handle, which allows the LSP to implement only the functions it wants to intercept.">ウィキペディア(Wikipedia)
There are two kinds of LSP: IFS and non IFS LSP. Currently most LSPs on the market are non IFS. The difference between the two LSPs is that non IFS LSPs modify the socket handle to a non valid Windows IFS handle and therefore the LSP must implement all Winsock 2 methods. IFS LSPs, on the other hand, preserve the socket handle, which allows the LSP to implement only the functions it wants to intercept.">ウィキペディアでLayered Service Provider (LSP) is a deprecated feature of the Microsoft Windows Winsock 2 Service Provider Interface (SPI). A Layered Service Provider is a DLL that uses Winsock APIs to attempt to insert itself into the TCP/IP protocol stack. Once in the stack, a Layered Service Provider can intercept and modify inbound and outbound Internet traffic. It allows processing of all the TCP/IP traffic taking place between the Internet and the applications that are accessing the Internet (such as a web browser, the email client, etc.). For example, it could be used by malware to redirect web browers to rogue websites, or to block access to sites like Windows Update. Alternatively, a computer security program could scan network traffic for viruses or other threats. The Winsock ''Service Provider Interface (SPI)'' API provides a mechanism for layering providers on top of each other. Winsock LSPs are available for a range of useful purposes, including parental controls and Web content filtering. The parental controls web filter in Windows Vista is an LSP. The layering order of all providers is kept in the Winsock Catalog.==Details==Unlike the well-known Winsock 2 API, which is covered by numerous books, documentation, and samples, the Winsock 2 SPI is relatively unexplored. The Winsock 2 SPI is implemented by network transport service providers and namespace resolution service providers. The Winsock 2 SPI can be used to extend an existing transport service provider by implementing a Layered Service Provider. For example, Quality of Service (QoS) on Windows 98 and Windows 2000 is implemented as an LSP over the TCP/IP protocol stack. Another use for LSPs would be to develop specialized URL filtering software to prevent Web browsers from accessing certain sites, regardless of the browser installed on a desktop. The Winsock 2 SPI allows software developers to create two different types of service providers—transport and namespace. Transport providers (commonly referred to as protocol stacks) are services, which supply functions that set up connections, transfer data, exercise flow control, error control, and so on. Namespace providers are services that associate the addressing attributes of a network protocol with one or more human-friendly names and enable protocol-independent name resolution. The SPI also allows you to develop two types of transport service providers—base and layered service providers.Base service providers implement the actual details of a transport protocol: setting up connections, transferring data, and exercising flow control and error control. Layered service providers implement only higher-level custom communication functions and rely on an existing underlying base provider for the actual data exchange with a remote endpoint.Winsock 2 LSPs are implemented as Windows DLLs with a single exported entry function, ''WSPStartup''. All other transport SPI functions are made accessible to ws2_32.dll or an upper chain layered provider via the LSP's dispatch table. LSPs and base providers are strung together to form a protocol chain. The LSP DLL has to be registered using a special LSP registrant which instructs Winsock 2, the loading order of the LSPs (there can be more than one LSP installed) and which protocols to intercept.LSPs work by intercepting Winsock 2 commands before they are processed by ws2_32.dll; they can therefore modify the commands, drop a command, or just log the data which makes them a useful tool for malware, network filters, network intercepters, and stream based sniffers. Sniffing network traffic through LSP can sometimes be troublesome since anti-virus vendors typically flag such activity as malicious — a network packet analyzer is therefore a better alternative for capturing network traffic. A feature of LSP and Winsock proxy sniffing is that they allow traffic to be captured from a single application and also enable traffic going to localhost (127.0.0.1) to be sniffed on Windows.<ref>("Proxocket - A Winsock Proxy Sniffer", NETRESEC Network Security Blog, 2011 )</ref>There are two kinds of LSP: IFS and non IFS LSP. Currently most LSPs on the market are non IFS. The difference between the two LSPs is that non IFS LSPs modify the socket handle to a non valid Windows IFS handle and therefore the LSP must implement all Winsock 2 methods. IFS LSPs, on the other hand, preserve the socket handle, which allows the LSP to implement only the functions it wants to intercept.」の詳細全文を読む



スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース

Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.