Research And Realization Of Network Packets Capture By Using Intermediate Drivers

With the popularization of computer application, network security is causing more and more concerns. In the campaign command control system, security is obviously important. There are many ways to guarantee network security, in this paper, we do a research on using intermediate driver to capture and filter network packets in order to promote security level.Firstly this paper introduces Windows network architecture, and compares several kinds of methods generally used to capture network packets in different layers. After that, this paper emphasizes the method of using intermediate drivers (IMD), with a explanation of its classification and peculiarities.This paper particularly introduces the initialization, binding, send packets and receive packets procedure of intermediate drivers, and pays a special attention to the packet descriptor and buffer descriptor structures, which is essential to programming drivers. Finally, this paper implements the function of capturing and filtering networking packets, which is validated by using DbgView.