The Design And Implement Of Network Vulnerability Detection System

In order to safeguard the security of network information system, the network vulnerability detecting system is worth of thorough research.Firstly, the interrelated knowledge about network security vulnerability is introduced in this thesis, include definition, cause of formation, character and attribute, sort and detecting method. Different kinds of skills and characteristics of port-scan technique are analyzed and compared in this thesis. Then, the virtues and defects of three kinds of fingerprint technique of OS-detect are also analyzed and compared.Secondly, on the basis of the above studies, a network vulnerability detecting system is designed. Two modules of port-scan and OS-detect used for detecting the information of destination computer are designed in this system. System vulnerabilities are analyzed by using the detected information and vulnerability database.A network vulnerability detecting system is designed, which has better synthetical performance. Firstly, it can offer multi port-scan techniques. Secondly, it can detect opened ports on the basis of results of the first port-scan, and get the information of service and version of these opened ports. Thirdly, through many kinds of detecting ways, it can get the OS-fingerprints of TCP/IP protocol stack of the destination computer, and guess the faraway operation system exactly. At last, taking CVE (Common Vulnerabilities and Exposures) as the standard, a more practical vulnerability database by combining the structures of two large-scale oversea vulnerability databases is designed.By using Winsock2 API, several modules of the implement are designed and realized, including raw-socket-send/sniffer module, port-scan module, OS-detect module and vulnerability-analysis module. With the multi-thread technique, the policies of disordering the port number, sending data simultaneously, adjusting the control time and so on, the secret, accuracy and speed of scanner have been increased.At last, the executive process of the system is analyzed through the instance, the comparative results to other detecting systems are listed in this thesis.