Is there any way to detect new IP connections to your computer via way of some kind of global event/notification/callback?

Cheers

Can you be more specific?. Please describe a scenario where this would happen.

I have a couple of programs that seem to be doing things in the background via the internet. I wanted to log the connections they are making and see what they were connecting to.

I wanted to write a small program that could either wait for an event / use a callback / windows message or any other form of IPC you can think of to log a connection made as it happened.

I may then decide to block those connections if necessary.

I think there is only two options:
1. Implementing a Layered Service Provider DLL (LSP)
2. Implementing a kernel driver (TDI filter driver or NDIS)

Both these are quite hard to implement. I've written a limitted LSP once and I think the LSP approach is easier. The downside with the LSP appraoch is that it can't detect (=intercept) every TCP/UDP activity (some MS system programs bypass it). It is not possible to bypass a kernel mode driver.

I think an LSP layer is enough. Although this layer can be bypassed, all winsock calls are routed through the lsp. If you know that they use winsock you can use lsp.