I wrote a small program that returns a user response to receiving SYN packets for some ports on Linux. This required me to make minor changes to the Linux kernel and recompile. I tested this and I have the functionality required on Linux.
I want to have the same functionality in Windows XP / 7. For this, I believe that I will need to edit the driver / file / registry parameter that will control the tcpip functions. Would the goal be to disable the default action of sending RST packets when receiving a SYN on a closed port?
The research that I have done so far has pointed me to something like tcpip.sys or tcpip settings in the registry.
I suspect that this may not be possible because the drivers would be unsigned if I modify them, but hopefully someone can put my mind at ease about whether this is possible.