//Compare two connections //Returns true if they are the same private bool CompareTwoConnections(RemoteNotify.ExtentedTcpTable.ConnectionWithGuid c, RemoteNotify.ExtentedTcpTable.ConnectionWithGuid pc) { if (c.Connection.LocalAddress.ToString() == pc.Connection.LocalAddress.ToString() && c.Connection.LocalPort.ToString() == pc.Connection.LocalPort.ToString() && c.Connection.RemoteAddress.ToString() == pc.Connection.RemoteAddress.ToString() && c.Connection.RemotePort.ToString() == pc.Connection.RemotePort.ToString() && c.Connection.owningPid.ToString() == pc.Connection.owningPid.ToString()) { return(true); } else { return(false); } }
//Writes to Network log //if file is open in another program it will open a new hidden log and write the contents there //When the main log is closed they will be merged back private void WriteToNetworkLog(RemoteNotify.ExtentedTcpTable.ConnectionWithGuid Connection, String ConnectionType) { try { //Check if there's temp network log and merge if there is MergeTempNetworkLog(); //Write to log using (StreamWriter writer = new StreamWriter(RemoteNotifyLogsPath + "\\" + LogName, true)) { if (!(Connection.Connection.LocalAddress.ToString().Contains("[::1]")) && !(Connection.Connection.LocalAddress.ToString().Contains("127.0.0.1")) && !(Connection.Connection.RemoteAddress.ToString().Contains("0.0.0.0"))) { try { writer.WriteLine(DateTime.Now.ToString() + "," + ConnectionType + "," + Connection.Connection.LocalAddress.ToString() + "," + Connection.Connection.LocalPort.ToString() + "," + Connection.Connection.RemoteAddress.ToString() + "," + Connection.Connection.RemotePort.ToString() + "," + Connection.Connection.state + "," + Connection.Connection.owningPid + "," + Process.GetProcessById(checked ((int)Connection.Connection.owningPid)).ProcessName + "," + Connection.ConnectionGuid.ToString() ); } catch (ArgumentException) { writer.WriteLine(DateTime.Now.ToString() + "," + ConnectionType + "," + Connection.Connection.LocalAddress.ToString() + "," + Connection.Connection.LocalPort.ToString() + "," + Connection.Connection.RemoteAddress.ToString() + "," + Connection.Connection.RemotePort.ToString() + "," + Connection.Connection.state + "," + Connection.Connection.owningPid + "," + "UNKNOWN" + "," + Connection.ConnectionGuid.ToString() ); } catch (OverflowException) { writer.WriteLine(DateTime.Now.ToString() + "," + ConnectionType + "," + Connection.Connection.LocalAddress.ToString() + "," + Connection.Connection.LocalPort.ToString() + "," + Connection.Connection.RemoteAddress.ToString() + "," + Connection.Connection.RemotePort.ToString() + "," + Connection.Connection.state + "," + Connection.Connection.owningPid + "," + "UNKNOWN" + "," + Connection.ConnectionGuid.ToString() ); } } } } catch (IOException) { //Check if temporary network log is created if (!(File.Exists(RemoteNotifyLogsPath + "\\" + LogName + ".tmp"))) { if (!(Connection.Connection.LocalAddress.ToString().Contains("[::1]")) && !(Connection.Connection.LocalAddress.ToString().Contains("127.0.0.1")) && !(Connection.Connection.RemoteAddress.ToString().Contains("0.0.0.0"))) { //create CSV File and add log content using (StreamWriter writer = File.CreateText(RemoteNotifyLogsPath + "\\" + LogName + ".tmp")) { try { writer.WriteLine(DateTime.Now.ToString() + "," + ConnectionType + "," + Connection.Connection.LocalAddress.ToString() + "," + Connection.Connection.LocalPort.ToString() + "," + Connection.Connection.RemoteAddress.ToString() + "," + Connection.Connection.RemotePort.ToString() + "," + Connection.Connection.state + "," + Connection.Connection.owningPid + "," + Process.GetProcessById(checked ((int)Connection.Connection.owningPid)).ProcessName + "," + Connection.ConnectionGuid.ToString() ); } catch (ArgumentException) { writer.WriteLine(DateTime.Now.ToString() + "," + ConnectionType + "," + Connection.Connection.LocalAddress.ToString() + "," + Connection.Connection.LocalPort.ToString() + "," + Connection.Connection.RemoteAddress.ToString() + "," + Connection.Connection.RemotePort.ToString() + "," + Connection.Connection.state + "," + Connection.Connection.owningPid + "," + "UNKNOWN" + "," + Connection.ConnectionGuid.ToString() ); } catch (OverflowException) { writer.WriteLine(DateTime.Now.ToString() + "," + ConnectionType + "," + Connection.Connection.LocalAddress.ToString() + "," + Connection.Connection.LocalPort.ToString() + "," + Connection.Connection.RemoteAddress.ToString() + "," + Connection.Connection.RemotePort.ToString() + "," + Connection.Connection.state + "," + Connection.Connection.owningPid + "," + "UNKNOWN" + "," + Connection.ConnectionGuid.ToString() ); } } } try { File.SetAttributes(RemoteNotifyLogsPath + "\\" + LogName + ".tmp", File.GetAttributes(RemoteNotifyLogsPath + "\\" + LogName + ".tmp") | FileAttributes.Hidden); } catch (FileNotFoundException) { return; } } else { using (StreamWriter writer = new StreamWriter(RemoteNotifyLogsPath + "\\" + LogName + ".tmp", true)) { if (!(Connection.Connection.LocalAddress.ToString().Contains("[::1]")) && !(Connection.Connection.LocalAddress.ToString().Contains("127.0.0.1")) && !(Connection.Connection.RemoteAddress.ToString().Contains("0.0.0.0"))) { try { writer.WriteLine(DateTime.Now.ToString() + "," + ConnectionType + "," + Connection.Connection.LocalAddress.ToString() + "," + Connection.Connection.LocalPort.ToString() + "," + Connection.Connection.RemoteAddress.ToString() + "," + Connection.Connection.RemotePort.ToString() + "," + Connection.Connection.state + "," + Connection.Connection.owningPid + "," + Process.GetProcessById(checked ((int)Connection.Connection.owningPid)).ProcessName + "," + Connection.ConnectionGuid.ToString() ); } catch (ArgumentException) { writer.WriteLine(DateTime.Now.ToString() + "," + ConnectionType + "," + Connection.Connection.LocalAddress.ToString() + "," + Connection.Connection.LocalPort.ToString() + "," + Connection.Connection.RemoteAddress.ToString() + "," + Connection.Connection.RemotePort.ToString() + "," + Connection.Connection.state + "," + Connection.Connection.owningPid + "," + "UNKNOWN" + "," + Connection.ConnectionGuid.ToString() ); } catch (OverflowException) { writer.WriteLine(DateTime.Now.ToString() + "," + ConnectionType + "," + Connection.Connection.LocalAddress.ToString() + "," + Connection.Connection.LocalPort.ToString() + "," + Connection.Connection.RemoteAddress.ToString() + "," + Connection.Connection.RemotePort.ToString() + "," + Connection.Connection.state + "," + Connection.Connection.owningPid + "," + "UNKNOWN" + "," + Connection.ConnectionGuid.ToString() ); } } } } } }