PWN* your network adapter

*PWN = PowerShell, WMI, and NDIS WMI is frequently misunderstood.   WMI is a large collection of technologies designed to help you manage computers.  Most commonly, you’ll see IT pros using WMI (usually via VBScript) to do something funky across their domain, like search 1000 computers for nearly-full disk volumes.  But (another misunderstood point) VBScript isn’t…

0

Debugging with NDISKD

Chapter three of a beginner’s guide to debugging with NDISKD In Part 1 of the series, we set up a kernel debugger. In the second installment, we took a closer look at ndiskd’s output for miniports. Today, we will use what we know to debug an actual network issue. The symptoms are thus: The network…

2

NDISKD and !miniport

The second installment of a beginner’s guide to debugging with NDISKD Last time we set up the debugger, looked at !ndiskd.help, and dumped out a table of active miniports.  Today we’ll continue our laboratory by examining a specific miniport.  As before, we use !ndiskd.miniports to get the table of active miniports: kd> !ndiskd.miniport     MiniDriver        …

0

Getting started with NDISKD

Part 1 of a beginner’s guide to debugging with NDISKD If you haven’t already, grab the updated WDK with its new ndiskd debugger extension.  You’ll need it for today’s laboratory exercise: getting started with ndiskd. If you are new to Windows kernel debugging, check out Ilias’s thorough tutorial.  You should follow that tutorial to get…

0

[Re]Introducing NDISKD

Over a decade of making NDIS developers dangerous Today we released a new version of the WDK.  This release has an updated version of the debuggers, including an overhauled version of ndiskd. Ndiskd is a debugger extension written by the NDIS team.  Internally, we use the extension to debug NDIS.SYS itself.  Since it’s also useful…

0

The difference between a miniport and a miniport driver

A grammatical kinship between NDIS and tennis If you’ve ever programmed a WDM driver, you’re probably familiar with the difference between a DRIVER_OBJECT and a DEVICE_OBJECT.  In NDIS, we also differentiate between a driver and a running instance created by the driver. The most concrete example of this differentiation is the difference between a miniport…

0

Removing a non-removable device

A surprise indeed From time to time, miniport authors ask us whether they really have to support surprise removal.  After all, they explain, their device is embedded in the system — it’s not physically possible to remove it without a soldering iron and/or crowbar. Here’s our answer: yes, you should support surprise removal.  You should…

0

Simplifying your OID request handler

One request at a time, please While we have lots of documentation on MSDN, occasionally the high-level concepts get drowned out by all the details. Today I want to draw attention to an important point regarding OID requests. Recall that protocols use OID requests to Query information from or to Set information on a miniport….

0

The NDIS Blog: We’re back!

Now with witty subtitles Lately things have been quiet on the NDIS blog.  But that’s about to change, because we’ve got some new blog posts lined up for you.  We’ll start things off this week with a discussion on OID requests. If you would like to suggest a topic, please leave a note in the…

2