
Disable multiple network connections, only allow one simultaneously

We are looking to design a security application that does the following on laptops:

  • If the ethernet adapter is used (cable plugged in) disable/block all other network connections (wireless WIFI, mobile broadband (PPP), virtual VPN adapters etc)
  • When ethernet adapter is not being used again, all connections allowed.

Does anyone have any good suggestion on how to accomplish this?

We have looked in the WMI a lot but there are no good ways of doing this. Only disabling the network connection is not secure enough because most mobile broadband applications try to re-establish the connection. This should be an application that works on all laptop vendors without any user interaction (such as choosing interfaces etc.).

So any suggestions on how to accomplish this would be much appreciated.

The simplest method for doing this is by disabling the adapter. You say this won't work for you, but I suspect it will. You can detect if something tries to re-enable it and act appropriately.

If that isn't going to work for you, then the next easiest thing to do is to remove the device itself. I believe you will need to use some unmanaged calls to get this done. There is some sample code on codeproject.com that will point you in the right direction.

Keep in mind, if the user runs a check for devices, it will show up again. You can monitor for DBT_DEVICEARRIVAL to detect when this happens, and again act appropriately.

You might also try simply disabling the device. Usually though I have seen that when you disable a network connection, this is exactly what it does. It might depend on the card and OS. I haven't experimented with it.

I suggest you reconsider simply disabling the network interface rather than going to the device level. It is a much cleaner way of doing this, and you can always detect if the interface comes back up. Anything else you do is going to be a bit hackish.

The only other method I can think of would be to block traffic using the Windows Firewall API. Just keep in mind that not all network traffic is over IP.

Well, this might not be the optimal solution but... You could use the route command to disable the interface's ability to reach any network. It will probably require a lot of tweaking and constant monitoring of the routing table, but would effectively prevent the interface's ability to communicate with any other device.

There are different ways of doing this. As stated by others in this question it needs to be done on a lower level than what the WMI allows. There are some C++ examples around that address this issue. Check out the library NETCONLib by Microsoft.
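The disable-and-monitor approach suggested in the first answer, sketched as an added example that is not code from any of the posters. It assumes the NetAdapter cmdlets (Windows 8 / Server 2012 or later) and an elevated session; the state-file path, polling interval and function names are hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the thread. Uses the NetAdapter module cmdlets.
$StateDir    = Join-Path $env:ProgramData 'SingleLink'        # hypothetical location
$StateFile   = Join-Path $StateDir 'disabled-by-policy.txt'   # adapters this script turned off
$PollSeconds = 5                                              # assumed polling interval

function Get-WiredAdapter {
    # Physical Ethernet only; -Physical leaves out virtual switches and VPN adapters.
    Get-NetAdapter -Physical | Where-Object { $_.PhysicalMediaType -eq '802.3' }
}

function Invoke-SingleLinkPolicy {
    $wired   = @(Get-WiredAdapter)
    $wiredUp = @($wired | Where-Object { $_.Status -eq 'Up' }).Count -gt 0
    # Everything that is not a physical Ethernet port: Wi-Fi, WWAN, VPN/TAP, Bluetooth.
    # Assumption: no Hyper-V external switch is bound to the wired NIC, otherwise
    # its vEthernet adapter would be taken down together with the rest.
    $others  = Get-NetAdapter | Where-Object { $wired.ifIndex -notcontains $_.ifIndex }

    if ($wiredUp) {
        # Cable has link: disable the rest. Running this on every pass also catches
        # an adapter that a vendor tool re-enabled since the previous pass.
        foreach ($a in $others | Where-Object { $_.Status -ne 'Disabled' }) {
            Add-Content -Path $StateFile -Value $a.Name
            Disable-NetAdapter -Name $a.Name -Confirm:$false
            Write-Output "Disabled '$($a.Name)' ($($a.InterfaceDescription))"
        }
    }
    elseif (Test-Path $StateFile) {
        # No wired link: restore only what this script disabled, so adapters the
        # user or an administrator turned off deliberately stay off.
        Get-Content $StateFile | Sort-Object -Unique | ForEach-Object {
            Enable-NetAdapter -Name $_ -Confirm:$false -ErrorAction SilentlyContinue
        }
        Remove-Item $StateFile
    }
}

New-Item -ItemType Directory -Path $StateDir -Force | Out-Null
while ($true) {
    Invoke-SingleLinkPolicy
    Start-Sleep -Seconds $PollSeconds
}
```

Because the adapter itself is disabled, this also stops non-IP traffic, which a firewall rule would not. Hidden adapters such as WAN Miniport devices are only listed by `Get-NetAdapter -IncludeHidden` and are not handled here.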
