Hi all,

I am planning to write an intrusion detection system as part of a university project. As soon as I started thinking about it I realised that I will need to be running a service at the IP layer, below TCP or UDP. I need this because I need to be able to examine all incoming packets and check out what ports they're on their way to etc.

My problem is, all my network coding experience is with TCP and UDP, and whats worse is that its in Java, which I fear is way too high lvl for what Im trying to do.

Does anyone know how I get my code to run at this level? I assume I'll have to disable the windows IP level service and replace it with my own, which will be much the same (forwarding incoming packets to their TCP/UDP ports) but will also log and alert the user if it recognises any potentially malicious connections.

PS Its not too late for me to change my ideas as I have until the end of summer to decide on my project. So let me know if what im undertaking is beyond a lone coder.

Thanks for reading