本文關(guān)鍵詞： 網(wǎng)絡(luò)嗅探器 Winpcap TCP/IP　出處：《吉林大學》2014年碩士論文　論文類型：學位論文

【摘要】：隨著信息時代的高速發(fā)展，Internet所提供的業(yè)務(wù)范圍越來越廣，從簡單的資料查閱到線上交易，互聯(lián)網(wǎng)所承載的用戶信息十分龐大。而在現(xiàn)在主流的TCP/IP協(xié)議下，網(wǎng)絡(luò)顯露出很多安全問題。因此，在網(wǎng)絡(luò)給人們帶來愈來愈多便捷服務(wù)的同時，人們也開始更加關(guān)注其安全程度。這使得Internet的安全已經(jīng)成為亟待解決的問題。網(wǎng)絡(luò)嗅探器由此而生，它作為網(wǎng)絡(luò)流量監(jiān)控和故障檢測中必不可少的工具之一，已經(jīng)成為計算機專業(yè)一個重要的領(lǐng)域。 網(wǎng)絡(luò)嗅探器具有很強的收集數(shù)據(jù)的能力，無論在維護網(wǎng)絡(luò)安全方面還是輔助黑客進行攻擊方面都有著十分重要的作用。它可以有效的探測到網(wǎng)絡(luò)上傳輸?shù)臄?shù)據(jù)包信息，通過分析和利用可以有效的維護網(wǎng)絡(luò)安全。當我們深陷網(wǎng)絡(luò)問題的時候，嗅探器可以幫我們確定問題的根源所在。 本次研究基于對TCP/IP協(xié)議中各類數(shù)據(jù)包結(jié)構(gòu)和嗅探器實現(xiàn)原理的深入理解。在設(shè)計過程中我們將整個程序劃分為三個子模塊：網(wǎng)絡(luò)嗅探的設(shè)置、網(wǎng)絡(luò)數(shù)據(jù)包捕獲以及數(shù)據(jù)包解析和顯示，，我們對每一個模塊進行詳細的算法分析和設(shè)計。在這個過程中，我們采用面向?qū)ο蟮腃++進行實現(xiàn)，利用MFC、多線程技術(shù)。我們依據(jù)嗅探器的實現(xiàn)原理，依次實現(xiàn)對網(wǎng)絡(luò)適配器信息的獲取，打開網(wǎng)絡(luò)設(shè)備，設(shè)置并編譯過濾器，捕獲數(shù)據(jù)包，讀取離線數(shù)據(jù)包，我們通過每一步的具體實現(xiàn)，最終在在Windows平臺上實現(xiàn)了基于WinPcap的網(wǎng)絡(luò)嗅探器的實現(xiàn)。在研究過程中，我們解決了捕獲與解析數(shù)據(jù)包同時進行、跨線程調(diào)用主窗口控件以及packet_next_ex函數(shù)捕獲的header和pkt_data指針在postmessage后出現(xiàn)地址錯誤等重要問題。 此次開發(fā)的網(wǎng)絡(luò)嗅探器工具能夠根據(jù)協(xié)議類型、端口、地址信息對數(shù)據(jù)包進行過濾，采用了多線程的實現(xiàn)，并實現(xiàn)了易于使用的操作界面。完成了此次課題研究的目的。我們所設(shè)計的網(wǎng)絡(luò)嗅探器能夠詳細的顯示出所捕獲的數(shù)據(jù)包，從而在此基礎(chǔ)上做出相應(yīng)的分析和統(tǒng)計。
[Abstract]:With the rapid development of the information age, the scope of services provided by the Internet is becoming more and more extensive. From simple data access to online transactions, the Internet carries a huge amount of user information. However, under the current mainstream TCP/IP protocol, The network reveals a lot of security problems. Therefore, while the network brings more and more convenient services to people, People are also beginning to pay more attention to the security of Internet, which makes the security of Internet an urgent problem. Thus, network sniffer is one of the essential tools in network traffic monitoring and fault detection. It has become an important field of computer science. Network sniffer has a strong ability to collect data, whether in the maintenance of network security or in assisting hackers to attack, it can effectively detect the transmission of data packets on the network. Network security can be effectively maintained through analysis and utilization. When we are trapped in network problems, sniffer can help us identify the root cause of the problem. This study is based on the in-depth understanding of the various packet structures and sniffer implementation principles in the TCP/IP protocol. In the design process, we divide the whole program into three sub-modules: the setting of network sniffer, Network packet capture and packet parsing and display, we analyze and design each module in detail. In this process, we use object-oriented C to implement, According to the principle of sniffer, we can obtain the network adapter information, open the network device, set up and compile the filter, capture the data packet, read the off-line data packet. Finally, we realize the network sniffer based on WinPcap on the Windows platform through the concrete realization of each step. In the research process, we solve the problem of capturing and parsing data packets simultaneously. Some important problems such as cross-thread call to the main window control and header and pkt_data pointers captured by the packet_next_ex function occur after the postmessage. The network sniffer tool developed in this paper can filter data packets according to protocol type, port and address information. The design of the network sniffer can display the captured data packet in detail, and then make the corresponding analysis and statistics.
【學位授予單位】：吉林大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TP393.08

【參考文獻】

相關(guān)期刊論文 前9條

1 魯恩銘;高建華;;原始套接字網(wǎng)絡(luò)嗅探器的實現(xiàn)與應(yīng)用[J];計算機安全;2013年02期

2 溫乃寧;龔尚福;;基于Winpcap嗅探器技術(shù)分析與實現(xiàn)[J];高校實驗室工作研究;2013年01期

3 趙鋼;;基于WinPcap的網(wǎng)絡(luò)嗅探器設(shè)計與實現(xiàn)[J];電腦知識與技術(shù);2013年15期

4 余朋;;網(wǎng)絡(luò)通信協(xié)議的分析與實現(xiàn)[J];電腦編程技巧與維護;2014年14期

5 王芳;;網(wǎng)絡(luò)欺騙和嗅探技術(shù)探討[J];計算機光盤軟件與應(yīng)用;2014年10期

6 張偉;王韜;潘艷輝;郝震華;;基于WinPcap的數(shù)據(jù)包捕獲及應(yīng)用[J];計算機工程與設(shè)計;2008年07期

7 王春霞;張莉;;基于Winpcap的網(wǎng)絡(luò)數(shù)據(jù)捕獲[J];邵陽學院學報(自然科學版);2014年01期

8 李昊;楊燕勤;;基于SNMP的高校校園網(wǎng)ARP欺騙攻擊的研究[J];通信與信息技術(shù);2014年02期

9 黃孝楠;韓宇;;用于局域網(wǎng)的網(wǎng)絡(luò)嗅探器的設(shè)計[J];網(wǎng)絡(luò)安全技術(shù)與應(yīng)用;2014年08期

本文編號：1501695