本文主要为广大网友提供“网络数据包捕获工具的设计与实现”,希望对需要网络数据包捕获工具的设计与实现网友有所帮助,学习一下!
包括论文,设计,论文字数:12992,页数:32
摘 要
网络数据包的捕获对于网络安全有着巨大的作用,为我们更好的分析网络中的数据流提供了帮助。
本论文是基于Windows下开发一个网络监听工具,侧重点在于实现网络数据包的捕获,然后分析并显示捕获到的数据包信息这部分功能的实现,如分析:IP首部协议类型、源IP、目的IP和端口号等。数据包的捕获是实现防火墙、网络协议的分析或者网络监听等等功能的核心内容,一般可以采用Winsock编程、Winpcap或者NDIS网络接口驱动来实现。
采用的是Winpcap(Windows Packet Capture)来实现的抓包功能。Winpcap是Windows平台下一个专业网络数据包捕获开发包,是为Libpcap在Windows平台下实现数据包捕获而设计的。Winpcap功能更加强大,不仅具备了Libpcap的功能,还具有一些其他功能。
通过VC++6.0中MFC编程实现通过一个完整界面来控制调用Winpcap中的函数来实现对网卡信息的捕获和循环捕获数据包,然后通过预先对于IP、TCP、UDP等数据包的定义和TCP/IP等协议来解析其中包含的内容并返回显示捕获到数据包的信息,当然也可以保存捕获到的数据包到指定地点以便进一步分析。
关键词:Winpcap;NPF;VC++6.0;TCP/IP;计算机网络;
The Design and Implementation of Capture Tool of Network Data Packets
Abstract
The capture of network data packets plays an important part in network security, which is helpful for our better analysis of network data flow.
This paper is about a network monitoring tool based on Windows system, which emphasizes particularly on realizing the capture and analysis of network data packets and then displays them. Take analysis as an example, it will check the type of the IP protocol, the source address of IP, the destination address of IP and the port number. The capture of data packets is the basis of realizing the analysis of network protocol and network monitoring. Generally it can be realized via Winsock and Winpcap programming, or NDIS.
Use the Winpcap(Windows Packet Capture)to capture of data packets. Winpcap is a professional developing program based on Windows which is designed to help you to capture the data packs via Libpcap. Winpcap is much more powerful. It not only has integrated all the functions of Libpcap but also has some advanced functions.
In MFC programming of VC++6.0, the capture of network data packets can be realized via the invoking and control of the functions through a full control panel, and then the analysis of IP ,TCP,UDP and TCP/IP will be done before they are displayed. Certainly the information captured can be saved to the appointed destination in order to go through an advanced analysis.
Key words: Winpcap;NPF;Visual C++6.0;TCP/IP;Computer Network;
目 录
1 引言 1
1.1 课题背景 1
1.2 国内外研究现状 1
1.3 课题研究的意义 1
2 设计理论依据 2
2.1 OSI与协议族 2
2.2 面向对象和可视化编程 4
2.3 Winpcap开发技术详解 5
2.3.1 Winpcap介绍 5
2.3.2 Winpcap 的组成 5
2.3.3 Winpcap 数据结构 7
2.3.4 Winpcap 函数 8
3 设计方案与系统功能描述 10
3.1 设计方案 10
3.2 功能描述 11
3.3 系统流程图 12
4 编码实现 12
4.1 Winpcap环境设置 12
4.2 MFC控件相关 14
4.3 定时器和系统时间的获得 15
4.4 捕获并显示本机信息 16
4.5 捕获数据包及相关操作 17
5 软件测试与结果 22
5.1 网卡信息获取 22
5.2 整合到MFC界面中的程序测试 23
结 论 24
参考文献 25
致 谢 26
声 明 27
网络数据包捕获工具的设计与实现......
