I am trying to develop a notification program to notify users on my network that their computer has a worm. The program that I want to develop can monitor port 135 on Windows OS. The system will monitor port 135 on one computer and see whether there is a computer that tried to connect to this computer by using that port. If there is a computer trying to connect by using this port, the program will notify the user that their computer may have a worm.

In your opinion, what programming technique is suitable for this program? Is there anybody who can guide me in developing this program? Thank you very much.

Well, you will need to use sockets, and build a server program that listens on that port. I can code such a program in VB6, but I don't have .NET, nor do I use it enough to know how sockets work in it. But I will tell you that creating a socket on that port for listening is the way to go about doing what you would like.

Thanks for replying to me.

Actually I am a beginner in VB. Is there any major difference between VB6 and VB.NET? If it is possible to write the code in VB6, can you guide me in writing this code?
Can you explain more about socket programming? Is there any programming technique that I should learn if I want to write code for socket/port listening?

Do you have a copy of VB6, or just VB.NET? They are the same basic syntax, but the languages are completely different. There are still arguments and fuss about which is better and if VB6 is phasing out. I am a VB6 advocate, and I don't much care for .NET, in that it requires an installation of an entire platform. A good Google search of sockets and VB (whichever one you choose) will give you a whole lot of good info. I prefer to use the Catalyst SocketWrench control: http://www.catalyst.com. I have no problem coding a small server app in VB6 with comments if you choose the VB6 route. If VB.NET is your option (maybe due to availability) I can find a ton of resources to help you out. Let me know.

I am so sorry. I didn't know that VB6 and VB.NET have a major difference. I actually have VB 6.0. Can I continue asking this question in the VB.NET forum although I want to use VB6 as my programming technique? I'm really sorry about this.

Can you explain more about the Catalyst SocketWrench control? As far as I know, the Catalyst SocketWrench control is a complete software. Is it possible to write VB 6.0 code that will monitor a certain port and inform if there is any computer that wants to connect to this computer by using that port? Can you please teach me in writing the code?

I have moved this to the Legacy VB Thread. I will write and comment a server that listens on port 135, and warns the computer that a connection attempt has been made.

Ok,

I have written and commented a server written in VB6 with Catalyst SocketWrench. This program listens on port 135 for a connection. If it receives a connection, it accepts the connection momentarily (long enough to grab the IP and the hostname), then immediately disconnects. It writes the date, time, IP address and hostname of the computer that tried to make the connection to a log file, and displays a "notification" window similar to that of MSN Messenger's notification window (when you receive an IM, or someone logs on). I have attached and included the needed socket control, the complete and commented source code, along with a zip file that contains an installation program should you feel more comfortable using it instead of compiling it yourself.

Now, be advised that this program will not work in Windows XP as long as you have other programs that listen on port 135. This is the procedure that I had to follow in order to make sure that this program would listen on port 135 (otherwise, you'll get an error that says something along the lines of: this address is already in use). In XP Home edition:
Click Start
Click Run
Type in: services.msc
Then in the pane on the right, find: Distributed Transaction Coordinator
Right click on it, and choose properties, and set "Startup Type" to disabled.
and Hit ok. Do the same thing for:
TCP/IP NetBIOS Helper
Task Scheduler
and
Routing and Remote Access
Then you close out of services.

Then go to start again, run, type in: regedit
Once you are in the registry, on the left pane, open:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc

Highlight Rpc, (the folder). Then on the right, doubleclick "DCOM Protocols"
and remove the line: ncacn_tcp, and make sure to move everything up a line if it's needed, then OK that window. Now, back to the left, to the folders. Open up Rpc, and there should be a folder called: ClientProtocols. Open that one up, and on the right, find and delete: ncacn_tcp, and ncadg_udp. Reboot Your computer, and port 135 should be closed, and able to run the server program I wrote.

However, Before you do ANY OF THAT, I want you to make a backup of your registry. Save it somewhere you won't lose it. You back up the registry, as follows:
click start, go to run
type in: regedit
click "file", then "Export"
At the bottom where it says "Export Range" set it to "all"
Find somewhere to save it, and give it a name. The registry is now backed up.

I realize that's a little bit complicated, so let me know if you need any additional help with disabling the services that windows has running on port 135.

Ps: Sorry about that, I tried to upload the source, AND a setup program... but for some reason I could only get the source to upload. If you need help compiling it, or getting it to load, just let me know.

The code works well. You are a great programmer, Comatose.

But can you explain to me about the serversock function? I have a book about Visual Basic 6 and it doesn't even mention serversock. Where can I find a source that will explain serversock?

Be not confused. Serversock is not a function. It is the name of the socket control. Just like you can rename command1 to cmdOkButton, instead of the name Socket, I chose Serversock. This was downloaded from Catalyst, and it is called SocketWrench. It is a control that allows communications over the internet. Those communications can be either as a server (a program that listens for a connection) or a client (a program that tries to make a connection). In our case, this socket was a server, as we were listening for a connection on port 135. To avoid confusion, a socket is the means by which programs talk over the internet. Windows comes with a socket control called "winsock" but it's not as powerful or flexible as SocketWrench. I hope this helps to give you a better understanding.

Hi Comatose...

I want to ask you a few questions.

What is the difference between accept and connect?
In the accept method, why do we need a socketid/socket descriptor?

Thank you

That's a pretty tough question to answer, but here are snips from the Catalyst help program (that comes with SocketWrench):

The Accept event is generated when a remote host connects to a listening socket.
The Connect event is generated when a connection is established.

In the accept method, you don't actually have to accept the connection, you can check to see if you have reached, say, your max allowed connections (pretend you want your server to only have 10 connections at once). After you "allow" the connection, then the connect event fires, saying "hey, we have a good accepted connection." Mind you, the accept event ONLY applies to a listening socket (a server), because a client socket only tries to make a connection (this doesn't mean that an application can't have both, listening and connecting sockets, but that once it's a listen socket, it accepts connections (or denies them), and once it's a client socket, it tries to connect to an accept socket).

Now, what we do is, we have a "control array", which is just an array of VB controls. They have an index just like any normal array, and can be looped through, and everything else. Now, on socket accept, we have no max connection... we just keep accepting, logging, and disconnecting sockets. Now, when a user or program [or virus] wants to connect, our socket accept gets spawned. We don't have a max connection limit or anything like that, so, we add a new socket to our socket control array (by using Load ServerSock(SCount), ServerSock is our Control Array of Listen Sockets), and then we set all the properties for the new socket in our control array.
Now, if you look carefully at the subroutine for the accept method...

Private Sub ServerSock_Accept(Index As Integer, SocketId As Integer)

we never create the socketID; the socketID is given to our VB program from the socket control (meaning it gets generated somewhere else (the socketID) and given to us to use). Then, all we do is take our newly loaded socket (the new socket of the control array), and set the "accept" property to the SocketID. Basically, this links the socketID and the newly loaded socket together. It's saying "ok, the new socket will accept this socketID". Then after we accept the socketID and bind it with the new socket, it launches the connect event, meaning we have accepted the connection, and we are ready for communications (send and receive data) with the program or person connecting to our program. We have no interaction, we just grab the IP, hostname, date and time, write it to a log.... and display a popup.... but once "connect" is reached, you have an established, working relationship between the connector and the connected. I guess to break down everything I said, and quit ranting..... socket accept is a request for a connection, while socket connect means one is now established.
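
The accept, log and disconnect behaviour described in this thread, written with plain Python sockets as an added example; it is not Comatose's VB6/SocketWrench source, and the function names, log fields and loopback demo are assumptions made for illustration. `accept()` returns a new socket for each peer while the listener keeps listening, which is the role SocketId plays in ServerSock_Accept.

```python
import socket
import threading
from datetime import datetime


def reverse_lookup(ip):
    """Best-effort hostname for the log entry; many hosts have no reverse record."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return "unknown"


def open_listener(host="0.0.0.0", port=135):
    """Create the listening socket (the counterpart of ServerSock in listen mode)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, port))  # raises "address already in use" if another service owns the port
    srv.listen(16)
    return srv


def log_connections(srv, log, limit=None, resolve=reverse_lookup):
    """Accept each peer, record who it was, and disconnect without reading data."""
    seen = 0
    while limit is None or seen < limit:
        conn, (ip, src_port) = srv.accept()  # new per-peer socket; srv keeps listening
        conn.close()                         # only the peer address is of interest
        log.append({
            "time": datetime.now().isoformat(timespec="seconds"),
            "ip": ip,
            "src_port": src_port,
            "host": resolve(ip),
        })
        seen += 1
    return log


def demo():
    """Constructed loopback run on an ephemeral port, with a stub resolver."""
    srv = open_listener("127.0.0.1", 0)
    port = srv.getsockname()[1]
    log = []
    worker = threading.Thread(target=log_connections,
                              args=(srv, log, 2, lambda ip: "test-host"))
    worker.start()
    for _ in range(2):  # two constructed connection attempts
        socket.create_connection(("127.0.0.1", port), timeout=5).close()
    worker.join(timeout=5)
    srv.close()
    return log


if __name__ == "__main__":
    for entry in demo():
        print(entry)
```
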

The code works great. I'd like to write out the data that is being sent during the connection though. I have tried to use the ReadStream method but I keep getting "Object does not support this property" or "Method or data member not found."

We have a PBX that can send out call data records to any host on any port. If I can figure out how to get the raw data I can certainly clean it up and post it to a database.