| With the rapid development of Internet, more and more personal computers have been connected to Internet. But while people enjoy the convenience brought by Internet, problems of network security are increasing. In the current personal network security products, personal firewall is a very important network security one. Compared with the popular personal firewall technologies, a new method which is based on NDIS-HOOK and SPI is suggested. Using this method, the author has designed a personal firewall based on NDIS-HOOK and SPI on Windows platform.Windows uses NDIS function library to realize the NDIS interface, thus, all network communication must use NDIS. The work principle of NDIS-HOOK is that by means of replacing directly the address of function in NDIS database, the request for NDIS would be first passed to the user-defined function, then transmitted to the system function. Using NDIS-HOOK, the lower-layer data packets can be captured. SPI uses Winsock Service Provider Interface to realize the personal firewall, which is a new programming interface offered by the Windows Socket 2.0. Using this method, the data packets of application layer can be captured. This thesis combines the NDIS-HOOK with SPI. In application layer, the system uses SPI to filter all kinds of application program. In kernel layer, the system uses NDIS-HOOK to filter all kinds of non-socket data packets.First, the knowledge of network security and personal firewall are introduced in the thesis, and development of personal firewall technologies is discussed. Then the technologies of personal firewall are compared, and the method used in this thesis is chosen. Thirdly, the whole structure and function are expatiated. At last, the kernel common module, file of control rule and log file are designed, and the next-step work of system is viewed.
|
PDF Full Text Request