| This thesis mostly concern design and implement a kind of new modern host-based firewall for PC based on Windows operation system which provides host network security.Firstly, this thsis introduces technology relating to the network security and host-based firewall, discuss and analysis the network protocol architecture of Windows deeply, research many kinds of network packet intercepting technology, analysis their merit and shortcoming, and gives a thoroughly overview of the architecture of host-based intrusion detection.Then we expatiates the system design project of personal firewall. Decide that using SPI plus NDIS implement network packet intercept; Divide this system to three modules: SPI filter, NDIS filter, user interface; and define the structure of the control rule file, log file, and intrusion rule file. Their main data structure is declared also.Finally, we detail how to design the core module and discuss the testing result of this software. Aiming at the shortage, we give the reasons and bring forward some valid resolution.The firewalls spreading on the market currently usually emphasis safety relatively, but they have some limitations in the speed of network packets processing and system resources occupation. To greatly parts of personal computer customs, the system responding time is more important than the safety to a certain degree. This system has good expansibility and relatively high speed. |
