·¢²¼Ê±¼ä£º2015-01-24 À´Ô´£ºÈË´ó¾­¼ÃÂÛ̳

ͨÐŹ¤³ÌרҵÂÛÎÄ Ä¿Â¼ ÖÐÎÄÕªÒª ¢ñ Abstract ¢ò µÚ1Õ Ð÷ÂÛ1 1.1 ÍøÂçͨÐÅ°²È«¼ò½é1 1.2 ÍøÂçͨÐÅ°²È«µÄÒâÒå1 1.3 ¿ª·¢¹¤¾ßµÄ½éÉÜ2 1.4 ¾ÖÓòÍøÍøÂ簲ȫ¼à¿Øϵͳ¹¦ÄܽéÉÜ2 µÚ2Õ Ïà¹Ø¼¼Êõ½éÉÜ4 2.1 Winsock±à³Ì¼¼Êõ4 2.1.1 WinsockµÄ»ù±¾¸ÅÄî4 2.1.2 WinsockµÄ±à³ÌÌصã4 2.1.3 Winsock»ù±¾API5 2.2 Winpcap±à³Ì¼¼Êõ6 2.2.1 WinpcapÄÚ²¿½á¹¹6 2.2.2 WinPcapµÄ×é³É7 2.3 sniffer¼¼Êõ7 2.3.1 snifferµÄº¬Òå7 2.3.2 snifferµÄ¹¤×÷Ô­Àí8 2.3.3 snifferµÄ¹¤×÷»·¾³8 µÚ3Õ ϵͳÉè¼Æ10 3.1 ϵͳµÄÐèÇó·ÖÎö10 3.2 ϵͳÉè¼Æ¼°¹Ø¼ü¼¼Êõ½éÉÜ10 3.2.1 ÆÁÄ»¿ØÖƼ¼Êõ10 3.2.2 ×¢²á±í²éѯ¼¼Êõ11 3.2.3 Á÷Á¿¼à¿Ø¼¼Êõ11 µÚ4Õ ϵͳʵÏÖºÍÖ÷Òª´úÂë13 4.1 ¿ª·¢»·¾³13 4.2 Èí¼þÉè¼Æ13 4.2.1 Á÷Á¿¿ØÖÆ13 4.2.2 ÆÁÄ»¼à¿Ø14 4.2.3 WinPcapµÄ°ü²¶»ñ¼¼Êõ17 µÚ5Õ ϵͳÔËÐкͲâÊÔ20 5.1 ÔËÐл·¾³20 5.2 ÔËÐнçÃæ20 5.2.1 ¶Ë¿ÚɨÃè´°¿Ú21 5.2.2 Êý¾Ý°ü´°¿Ú23 5.2.3 ÍøÂç·ÃÎÊ¿ØÖÆ24 5.2.4 Îļþ²Ù×÷´°¿Ú26 5.2.5 ×¢²á±í²Ù×÷29 5.2.6 ÆÁÄ»¼à¿Ø´°¿Ú30 5.2.7 CPUʹÓÃÂÊ31 5.2.8 Á÷Á¿¼à¿Ø32 ×ܽá33 ÖÂл34 ²Î¿¼ÎÄÏ×35 ¸½Â¼36 ÖÐÎÄÕªÒª Ëæ×ÅͨѶºÍ¼ÆËã»ú¼¼ÊõµÄѸÃÍ·¢Õ¹£¬¼ÆËã»úµÄÍøÂçÏòÊÀ½ç¸÷¸ö½ÇÂäÑÓÉ죬ÍøÂç³ÉΪÈËÃÇÉú»îÖв»¿ÉȱÉٵIJ¿·Ö¡£¹ú¼ÒÕþ¸®»ú¹¹¼°ÆóÊÂÒµµ¥Î»¶¼ÔÚ½¨Á¢×Ô¼ºµÄÍøÕ¾¡£Í¨¹ýÍøÂçÊ÷Á¢ÐÎÏ󡢿ªÕ¹ÒµÎñ£¬ÒѾ­³ÉΪÕþ¸®°ì¹«£¬ÆóÒµ·¢Õ¹µÄÖØÒªÊֶΡ£Ò²ÓÐЩ·¸×ï·Ö×Ó¿ÉÒÔºÜÈÝÒ×µØÀûÓü´Ê±Í¨ÐÅÈí¼þµÄ±ãÀûÐÔ£¬ÔÚÍøÂç̸ÂÛ²»·¨ÄÚÈÝ¡¢·¢Ð¹¶ÔÉç»áµÄ²»Âú¡¢ÔìÒ¥»óÖÚ¡¢É¢²¥²»·¨ÏûÏ¢£¬ÇáÒ׵شﵽËûÃǵÄËùÒªµÄÄ¿µÄ¡£ÈçºÎʹÈËÃÇÔÚÏíÊÜÍøÂç´øÀ´µÄ±ã½ÝºÍ»úÓöµÄͬʱ£¬Äܹ»È·±£ÍøÂçµÄ°²È«ÒÑÊÇؽÐè½â¾öµÄÎÊÌâ¡£ ±¾ÎĵÄÖ÷ÒªÄÚÈݾÍÊÇÂÛÊö¾ÖÓòÍøÍøÂ簲ȫ¼à¿Ø¹¤¾ßµÄÉè¼ÆºÍʵÏÖ¡£Ê×ÏÈ£¬±¾ÎĽéÉÜÁËһЩʵÏֵĻù±¾Ô­Àí£¬ÒÔ¼°ÓйØWinSockµÄÍøÂç±à³Ì»ù±¾Ô­ÀíºÍsniffer¼¼Êõ£¬WinPcap µÄ°ü²¶»ñ¼¼Êõ£¬ÎªÏµÍ³µÄÉè¼ÆºÍʵÏÖ×¼±¸ÁËһЩÀíÂÛ»ù´¡£»È»ºó½²ÊöÁ˾ÖÓòÍøÍøÂ簲ȫ¼à¿Ø¹¤¾ßµÄһЩ¹Ø¼ü¼¼Êõ£¬Öصã·ÖÎöÁËÆÁÄ»¼à¿Ø¼¼ÊõºÍWinPcap µÄ°ü²¶»ñ¼¼Êõ¡£ ±¾ÏµÍ³ÊÇC/Sģʽϵͳ£¬ÊµÏÖµÄÖ÷Òª¹¦ÄÜÊÇ¿Í»§¶Ë½ø³Ìͨ¹ýÇëÇó·þÎñÆ÷½ø³ÌµÄ·þÎñ£¬ÊµÏÖ¶Ô·þÎñÆ÷¼à¿Ø£¬¼à¿ØµÄÖ÷Òª·½Ê½ÓУºÉ¨ÃèÖ÷»úÊÇ·ñÔÚÏߣ¬²¶»ñ¾ÖÓòÍøÄÚµÄÊý¾Ý°ü£¬Ö±½ÓÖ´ÐкͲÙ×÷Êܿض˵ÄÎļþ£¬²Ù×÷ÊÜ¿ØÖƶ˵Ä×¢²á±í£¬¼à¿ØÊÜ¿ØÖƶ˼ÆËã»úµÄÆÁÄ»£¬ÍøÂçÁ÷Á¿¼à¿Ø£¬½ûÖ¹ä¯ÀÀijЩÍøÕ¾£»ÏµÍ³ÊÇÒÔWindows VistaΪ¿ª·¢Æ½Ì¨£¬ÔÚVisual C++6.0»·¾³Ï¿ª·¢Íê³ÉµÄ¡£ ¹Ø¼ü´Ê£º¼à¿Ø£¬ÆÁÄ»¼à¿Ø£¬Á÷Á¿¿ØÖÆ£¬Êý¾Ý°ü²¶»ñ Abstract Along with the communication and computer technology's rapid development, computer's network extends to world each corner, accesses the net to become the people to live the essential part. The National government organization and the Enterprises and institutions are establishing own website. Through accesses the net to set up the image, the development service, already became the government work, the enterprise development important means. Also some criminal offender may use the immediate correspondence software's convenience very easily, in on-line discussion illegal content, gives vent to society's disaffection, fabricates a rumor deludes the people, the dissemination illegal news, serves the purpose which easily they want. How to cause the people while enjoys the network to bring convenient and opportunity, can guarantee that the network the security already was the question which needed to solve. This article primary coverage is elaborates the local area network network security to monitor tool's design and to realize. First, this article introduced some realize the basic principle, as well as the related WinSock network programming basic principle and the sniffer technology, the WinPcap package capture technology, and realized for system's design has prepared some rationale; Then narrated the local area network network security monitors tool's some key technologies, selective analysis screen monitoring technology and WinPcap package capture technology. This system is the C/S pattern system, realizes the major function is the client side advancement through the request server advancement service, realizes to the server monitoring, the monitoring fundamental mode includes: Scans the main engine whether online, catches in local area network's data packet, the direct execution and the operation are controlled the end the document, operates is controlled the end the registry, monitors is controlled the end computer's screen, the network current capacity monitoring, forbids to glance over certain websites; The system is as develops the platform take Windows VISTA, environment develops in Visual under the C++6.0 completes. Keywords: Monitoring, screen monitoring, flow control, data packet capture