Today I would like to introduce a great analysis I have done in February 2012, when I was still working for PrevX and I was studying Windows Kernel communications interfaces.
This analysis treats NDIS and WSK DDIs (Device Driver Interfaces): make some tests on some Security solutions available in the year 2012, and defines general guidelines to correctly implement something good with NDIS. All tests have been made with the aim to bypass Personal firewall modules.
I report document attached here, hope that it could be useful for many Readers:
Keep in mind that the analysis is 1 year old, and nowadays some showed arguments may differs.
Have fun! … and let me know what do you think about …