Abstract
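With the rapid development of the public security information network, police work of all kinds depends on it more and more heavily, yet the security and confidentiality of the network face severe challenges. Using WinPcap to analyze data packets captured on the public security information network gives administrators a thorough understanding of the network's current operating state, so research on low-level packet capture and analysis techniques is of great significance for safeguarding the security of the public security information network. The driver interface provided by WinPcap makes it possible to capture and analyze network data streams at the data link layer. The author describes and analyzes the structure and functions of WinPcap in detail, and sets out the method and main steps for capturing and analyzing network packets with WinPcap. The system is written in VC++; it can filter packets by user-specified IP address, port number and network protocol, and displays the details of each packet in the interface in real time.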
With the rapid development of network technology, more and more police work depends on the police information network, but its security is facing severe challenges. WinPcap is widely used for network data packet capture and analysis, which enables administrators to gain a deep understanding of the network status. Therefore, studying data packet capture and analysis methods is of great significance for network security. Using the driver interface provided by WinPcap, network data streams can be captured and analyzed at the data link layer. This paper introduces the structure and functions of WinPcap and describes the main steps of data packet capture and analysis. The system is developed using VC++ and can filter data packets by specified IP address, port, or protocol, and show the detailed information of data packets in real time.
Source
《山东师范大学学报(自然科学版)》
CAS
2012, Issue 3, pp. 36-39 (4 pages)
Journal of Shandong Normal University (Natural Science)