搜索
基于VisualC++的网络监听系统摘要随着计算机网络技术的迅速发展,网络的安全问题也显得越发重要。网络监听技术是系统安全领域内一个非常敏感的话题,也是一项重要的技术,具有很强的现实应用背景。网络监听是网络监测、负载分析等管理活动常用的方法,同时也是黑客非法窃取信息的手段。网络监听工具通过网络传输介质的共享特性实现抓包,获得当前网络的使用状况,为网络管理员对网络中的信息进行实时的监测、分析提供一个合适的工具;同时也让黑客截获本网段的一些敏感信息,威胁网络安全。数据包捕获技术是设计网络分析软件的基础,而WinPcap则是Windows系统中实现的一个优秀的包捕获架构。文中结合该软件包的结构与功能对包捕获原理进行了详细的分析,并介绍了其在网络安全监控系统中的应用。该系统的基本原理是通过调用WinPcap库捕获本地网络上的所有数据包,然后对数据包进行协议分析,从而可以实时地监控网络。关键词:网络监听,WinPcap,协议分析IINetworkMonitoringSystemBasedonVisualC++ABSTRACTWiththerapiddevelopmentofcomputernetworktechnology,networksecuritybecomesmoreimportant.Networkmonitoringtechnologyisaverysensitivetopicinthefieldofsystemsecurityisalsoanimportanttechnology,hasastrongpracticalapplicationbackground.Networkmonitoringnetworkmonitoring,loadanalysisandothermanagementactivitiescommonlyusedmethod,butalsohackersillegalmeanstostealinformation.Networkmonitoringtoolstocapturethroughthesharedcharacteristicsofthenetworktransmissionmediumtoachieveaccesstothecurrentnetworkusage,andprovideasuitabletoolforthenetworkadministratoronthenetworkinreal-timemonitoring,analysis;alsoallowhackerstointerceptnetworksegmentsomesensitiveinformation,threattonetworksecurity.Thepacketcapturetechnologyisthebasisofthedesignofnetworkanalysissoftware,whileWinPcapisanexcellentpacketcapturearchitectureimplementedintheWindowssystem.Combinesthestructureandfunctionofthepackageandcarriedoutadetailedanalysisofpacketcaptureprinciple,anditsnetworksecuritymonitoringsystem.ThebasicprincipleofthesystemisapackagebycallingtheWinPcaplibrarytocaptureallthedataonthelocalnetwork,thenthepacketprotocolanalysis,whichcanmonitorthenetworkinrealtime.Keywords:Networkmonitoring,WinPcap,ProtocolanalysisIII目录摘要.....................................................................................................................................IABSTRACT......................................................................................................................II1引言.................................................................................................................................11.1课题背景··················································································11.2课题意义··················································································21.3研究现状··················································································21.3.1软件数据截取工具介绍·······················································31.3.2硬件数据截取工具介绍·······················································32网络监听技术综述........................................................................................................42.1网络监听概念············································································42.2网络监听的原理·········································································42.3WinPcap的原理··········································································52.3.1winpcap简介·····································································52.3.2WinPcap的体系结构····························································62.3.3WinPcap的功能与新特性······················································82.3.4网络数据包捕获的原理·······················································82.3.5在windows情况下捕获数据包的结构·····································92.3.6利用winpcap进行网络数据包的捕获和过滤的设计步骤············103相关网络协议的分析...................................................................................................113.1网络体系结构···········································································113.2网络协议的分析与实现·······························································113.2.1IP···················································································113.2.2TCP················································································123.2.3UDP···············································································123.2.4ICMP··············································································123.2.5通讯端口·········································································133.2.6IP地址············································································133.2.7地址分类·········································································133.2.8网关地址·········································································153.2.9OSI模型··········································································214局域网监听系统的设计及实现...................................................................................244.1局域网监听系统的设计·······························································24IV4.1.1功能设计·········································································244.1.2模块设计·········································································244.2局域网监听系统程序的实现·························································274.2.1建立Socket······································································274.2.2绑定本机IP地址······························································274.2.3设置为混杂模式·······························································274.2.4截获数据包:··············