Making a sysytem file monitor, how ?

In summary, the speakers discussed the idea of writing a program to monitor file operations in Windows, with the goal of implementing a security system for specific folders or the entire drive. They mentioned the use of APIs or writing a device driver, but also suggested looking at user level events for NTFS or using the filemonitor component in .Net.
  • #1
amitjnkp
14
0
Helo everyone,
i want to write a program that monitors the file operations occurring thoughout the windows.
i mean what files are being opened and modified so that i can implement some security system which monitors specific folders or whole drive.
but the problem is that i don't know how to start // any API that can help or does it require to write a device driver ?


thanks
 
Technology news on Phys.org
  • #2
For NTFS there are user level events that monitor file system changes.
Look at Hart's "win32 System Programming" or MS technical reference for ntfs
 
  • #3
If you want to do it your self, you can try with .Net, it has a cool filemonitor component.
 

1. What is a system file monitor?

A system file monitor is a software program or tool that keeps track of changes to files and directories in a computer's operating system. It monitors file creation, modification, and deletion, providing information on which files have been accessed or altered.

2. Why would someone need to make a system file monitor?

System file monitors are helpful for monitoring system activity and detecting any potential security breaches or unauthorized changes to critical files. They can also be used for troubleshooting and tracking down errors or bugs in a system.

3. What are the key features of a system file monitor?

Some key features of a system file monitor include real-time monitoring, logging of file activity, customizable alerts and notifications, and the ability to track and view changes to specific files or directories.

4. How does a system file monitor work?

A system file monitor typically uses operating system APIs to track file system activity. It may also use file system drivers or kernel modules to intercept file system events. The monitor then logs this information and presents it in a user-friendly interface.

5. Are there any precautions to take when using a system file monitor?

Yes, it's important to be cautious when using a system file monitor as it may impact system performance and consume resources. It's also important to properly configure the monitor and set up alerts to avoid being overwhelmed with unnecessary notifications.

Similar threads

  • Programming and Computer Science
Replies
9
Views
2K
  • Programming and Computer Science
Replies
0
Views
414
  • Programming and Computer Science
3
Replies
81
Views
5K
  • Programming and Computer Science
Replies
9
Views
820
  • Programming and Computer Science
Replies
33
Views
2K
  • Programming and Computer Science
Replies
29
Views
2K
  • Programming and Computer Science
Replies
14
Views
1K
  • Programming and Computer Science
Replies
5
Views
925
  • Programming and Computer Science
Replies
5
Views
2K
  • Programming and Computer Science
Replies
7
Views
6K
Back
Top