| With the fast development of Internet,more and more corporations and users connect to the Internet. People are constantly exposed to various computer virus infection and hacker malicious attack when they enjoy the convenience and high efficient that Internet brings.Thereinto,personal computer is the easiest to be attacked. In order to solve the personal network security issues of Internet era, personal firewall technology is emerging in recent years.At present,the majority of personal firewall is realized based on a single packet filtrating mechanism,which restricts the function and reduce the safety performance of the firewall. Moreover most of the personal firewall does not realize the prevent ARP attack function. Based on the research of the interception of network datagram which is the core technology to firewall,we adopt the double filtration design scheme which combines the NDIS IMD and WINS0CK2 SPI technology. In kernel mode,we use NDIS IMD technology to intercept the raw packets through NIC card and filtrate data packets by visiting the control rules.Especially,we realize the function of filtrating illegal ARP packet. In user mode,we develop the dll program to implement the services based on socket capturing and filtrating through the Winsock2 SPI technology,there by we overcome the shortcoming during capturing packet by kernel mode or user mode only,greatly improve the system security nature. It is a new useful attempt for Windows personal firewall.This firewall is developed by the tools of VC++ 6.0,SDK and DDK,debugged by DebugView and Softice,which is based on Windows platform. After system design, code and test,it can run successfully on Windows and provides a good interface to users. It can control the action of the process which access to Internet and filtrate IP packets,especially filtrate the illegal ARP packets. The test results show that the firewall can prevent attacks of hackers and Trojan Horses effectively. |
PDF Full Text Request