//Compare two connections
//Returns true if they are the same
private bool CompareTwoConnections(RemoteNotify.ExtentedTcpTable.ConnectionWithGuid c, RemoteNotify.ExtentedTcpTable.ConnectionWithGuid pc)
{
if (c.Connection.LocalAddress.ToString() == pc.Connection.LocalAddress.ToString() &&
c.Connection.LocalPort.ToString() == pc.Connection.LocalPort.ToString() &&
c.Connection.RemoteAddress.ToString() == pc.Connection.RemoteAddress.ToString() &&
c.Connection.RemotePort.ToString() == pc.Connection.RemotePort.ToString() &&
c.Connection.owningPid.ToString() == pc.Connection.owningPid.ToString())
{
return(true);
}
else
{
return(false);
}
}
//Writes to Network log
//if file is open in another program it will open a new hidden log and write the contents there
//When the main log is closed they will be merged back
private void WriteToNetworkLog(RemoteNotify.ExtentedTcpTable.ConnectionWithGuid Connection, String ConnectionType)
{
try
{
//Check if there's temp network log and merge if there is
MergeTempNetworkLog();
//Write to log
using (StreamWriter writer = new StreamWriter(RemoteNotifyLogsPath + "\\" + LogName, true))
{
if (!(Connection.Connection.LocalAddress.ToString().Contains("[::1]")) &&
!(Connection.Connection.LocalAddress.ToString().Contains("127.0.0.1")) &&
!(Connection.Connection.RemoteAddress.ToString().Contains("0.0.0.0")))
{
try
{
writer.WriteLine(DateTime.Now.ToString() + "," +
ConnectionType + "," +
Connection.Connection.LocalAddress.ToString() + "," +
Connection.Connection.LocalPort.ToString() + "," +
Connection.Connection.RemoteAddress.ToString() + "," +
Connection.Connection.RemotePort.ToString() + "," +
Connection.Connection.state + "," +
Connection.Connection.owningPid + "," +
Process.GetProcessById(checked ((int)Connection.Connection.owningPid)).ProcessName + "," +
Connection.ConnectionGuid.ToString()
);
}
catch (ArgumentException)
{
writer.WriteLine(DateTime.Now.ToString() + "," +
ConnectionType + "," +
Connection.Connection.LocalAddress.ToString() + "," +
Connection.Connection.LocalPort.ToString() + "," +
Connection.Connection.RemoteAddress.ToString() + "," +
Connection.Connection.RemotePort.ToString() + "," +
Connection.Connection.state + "," +
Connection.Connection.owningPid + "," +
"UNKNOWN" + "," +
Connection.ConnectionGuid.ToString()
);
}
catch (OverflowException)
{
writer.WriteLine(DateTime.Now.ToString() + "," +
ConnectionType + "," +
Connection.Connection.LocalAddress.ToString() + "," +
Connection.Connection.LocalPort.ToString() + "," +
Connection.Connection.RemoteAddress.ToString() + "," +
Connection.Connection.RemotePort.ToString() + "," +
Connection.Connection.state + "," +
Connection.Connection.owningPid + "," +
"UNKNOWN" + "," +
Connection.ConnectionGuid.ToString()
);
}
}
}
}
catch (IOException)
{
//Check if temporary network log is created
if (!(File.Exists(RemoteNotifyLogsPath + "\\" + LogName + ".tmp")))
{
if (!(Connection.Connection.LocalAddress.ToString().Contains("[::1]")) &&
!(Connection.Connection.LocalAddress.ToString().Contains("127.0.0.1")) &&
!(Connection.Connection.RemoteAddress.ToString().Contains("0.0.0.0")))
{
//create CSV File and add log content
using (StreamWriter writer = File.CreateText(RemoteNotifyLogsPath + "\\" + LogName + ".tmp"))
{
try
{
writer.WriteLine(DateTime.Now.ToString() + "," +
ConnectionType + "," +
Connection.Connection.LocalAddress.ToString() + "," +
Connection.Connection.LocalPort.ToString() + "," +
Connection.Connection.RemoteAddress.ToString() + "," +
Connection.Connection.RemotePort.ToString() + "," +
Connection.Connection.state + "," +
Connection.Connection.owningPid + "," +
Process.GetProcessById(checked ((int)Connection.Connection.owningPid)).ProcessName + "," +
Connection.ConnectionGuid.ToString()
);
}
catch (ArgumentException)
{
writer.WriteLine(DateTime.Now.ToString() + "," +
ConnectionType + "," +
Connection.Connection.LocalAddress.ToString() + "," +
Connection.Connection.LocalPort.ToString() + "," +
Connection.Connection.RemoteAddress.ToString() + "," +
Connection.Connection.RemotePort.ToString() + "," +
Connection.Connection.state + "," +
Connection.Connection.owningPid + "," +
"UNKNOWN" + "," +
Connection.ConnectionGuid.ToString()
);
}
catch (OverflowException)
{
writer.WriteLine(DateTime.Now.ToString() + "," +
ConnectionType + "," +
Connection.Connection.LocalAddress.ToString() + "," +
Connection.Connection.LocalPort.ToString() + "," +
Connection.Connection.RemoteAddress.ToString() + "," +
Connection.Connection.RemotePort.ToString() + "," +
Connection.Connection.state + "," +
Connection.Connection.owningPid + "," +
"UNKNOWN" + "," +
Connection.ConnectionGuid.ToString()
);
}
}
}
try
{
File.SetAttributes(RemoteNotifyLogsPath + "\\" + LogName + ".tmp", File.GetAttributes(RemoteNotifyLogsPath + "\\" + LogName + ".tmp") | FileAttributes.Hidden);
}
catch (FileNotFoundException)
{
return;
}
}
else
{
using (StreamWriter writer = new StreamWriter(RemoteNotifyLogsPath + "\\" + LogName + ".tmp", true))
{
if (!(Connection.Connection.LocalAddress.ToString().Contains("[::1]")) &&
!(Connection.Connection.LocalAddress.ToString().Contains("127.0.0.1")) &&
!(Connection.Connection.RemoteAddress.ToString().Contains("0.0.0.0")))
{
try
{
writer.WriteLine(DateTime.Now.ToString() + "," +
ConnectionType + "," +
Connection.Connection.LocalAddress.ToString() + "," +
Connection.Connection.LocalPort.ToString() + "," +
Connection.Connection.RemoteAddress.ToString() + "," +
Connection.Connection.RemotePort.ToString() + "," +
Connection.Connection.state + "," +
Connection.Connection.owningPid + "," +
Process.GetProcessById(checked ((int)Connection.Connection.owningPid)).ProcessName + "," +
Connection.ConnectionGuid.ToString()
);
}
catch (ArgumentException)
{
writer.WriteLine(DateTime.Now.ToString() + "," +
ConnectionType + "," +
Connection.Connection.LocalAddress.ToString() + "," +
Connection.Connection.LocalPort.ToString() + "," +
Connection.Connection.RemoteAddress.ToString() + "," +
Connection.Connection.RemotePort.ToString() + "," +
Connection.Connection.state + "," +
Connection.Connection.owningPid + "," +
"UNKNOWN" + "," +
Connection.ConnectionGuid.ToString()
);
}
catch (OverflowException)
{
writer.WriteLine(DateTime.Now.ToString() + "," +
ConnectionType + "," +
Connection.Connection.LocalAddress.ToString() + "," +
Connection.Connection.LocalPort.ToString() + "," +
Connection.Connection.RemoteAddress.ToString() + "," +
Connection.Connection.RemotePort.ToString() + "," +
Connection.Connection.state + "," +
Connection.Connection.owningPid + "," +
"UNKNOWN" + "," +
Connection.ConnectionGuid.ToString()
);
}
}
}
}
}
}
