Analysis And Recovery Of Data Packet Based On SMTP

With the development and popularities of Internet, the E-mail gets much love from peoples as a communication way with the characters of fast transportion,group sentment and convenience. The E-mail becomes a very important daily communication way and deep into people's lives. The E-mail gives people facility, meanwhile it also brings many security incidents such as corporate disclosure,E-crime,computer virus, hacking and so on. These issues affect people's normal life; sometimes even influence the copration and national security. In order to reduce the occurrence of these insecurity incidents, a group of safe rules and regulations is needed. If the monitoring systems could be founded, the network security will be enhanced and E-crime will be well controlled by monitoring the sensitive information and suspicious users' behavior.For these characters referred above, this paper offers a group of ideas and programs for restoring the message content based on deeply analysis of SMTP working principles.This program offered by this paper is entirely feasible. It can monitor and watch all the Email sending in the LAN, which is certified by the actual test.At first,the paper introduce the reserch background and discuss the security problem of E-mail communication, anlysis the object and significance of building the mail monitoring system and reserch the working principle and model of SMTP protocol.Secondly,the paper introduce the knowledgement of the monitoring software referred,including Linnids data structure, interface function,base-64 encoding,base-64 decoding and so on.A programme of restoring the mail content is designed by these principles.The first step is reappearing the content of mail based on the TCP data frame reorganizational function of the Libnids SDK.Use the base-64 decoding to restore the detail content of E-mail is the second step.The final step is doing a data storage into the database for users'requiry and monitoring.Then the analisis and restore process based on SMTP data packets have been done successful.At last,the paper discusses how to build the hardware envirment and show the whole project test result including the program process,query process and storage results.The system discussed in paper have been proved to have high reliability and universal by doing several tests.