TDIMon by Mark Russinovich and Bryce Cogswell of SysInternals
=============================================================
The SysInternals TDI Monitor (TDIMon) written by Mark Russinovich and Bryce
Cogswell is one of the key tools for understanding how TDI works. No one
would disagree with their own description of TDIMon:

"TDIMon is an application that lets you monitor TCP and UDP activity on your
local system. It is the most powerful tool available for tracking down
network-related configuration problems and analyzing application network
usage."

The free version of TDIMon can be downloaded from their website at this URL:
http://www.sysinternals.com/ntw2k/freeware/tdimon.shtml

TDIScope by PCAUSA
==================
One problem with the free version of TDIMon is that the capture display
quickly fills with IRP_TDI_QUERY_INFORMATION_EX records as Windows
periodically checks for the connection state. This makes it difficult to see
ordinary TCP and UDP operations.

PCAUSA resurrected an old sample application based on the TDI filter sample
drivers. This application, called "TDIScope", was originally developed in
2002 but was never completed. We recently made a few small fixes so that we
would have a tool that filters out the uninteresting
IRP_TDI_QUERY_INFORMATION_EX records.

TDIScope isn't intended to be a replacement for the SysInternals TDIMon
utility. TDIScope's only virtue is that it displays less information than
TDIMon. But sometimes less information is more useful...

We are providing TDIScope in executable form and in as-is condition in case
you have a need for a less cluttered TDI logger.

TDIScope is only partially implemented and has limitations, but perhaps it
can be of use to some of you. For more information see:
http://www.pcausa.com/Utilities/tdiscope.htm

Thomas F. Divine