Sniffer Technology Research And Application Development

The rapidly expanding of network and Internet has brought kinds of problems innetwork security. More and more people are affected by these problems. In networksecutity, Network Research Center of China University of Geosciences (Beijing)made a systemtic solution that included four parts. One part of this solution isphysical security. Another is network security. The others are information securityand application security. But the vulnerabilities of operating system and theopenness of the network made the campus network that still has some problems.The thesis research these problems which always occur in thecampus network, andthen design some programs to make campus network safer.In order to solute the problem of vulnerabilities, an update server has been built.The users of campus network can easily update their operating system byconnecting this server with executing the program of client. For scouting the illegalactions and founding the hackers in the campus network. the thesis designed theIntrusion Detection System of campus. It could capture the packets that tansferingon the network by using the technology of sniff. Then CamIDS record the illegalactions into Database by telling whether the data in packets are identical with theillegal data. The result of detectiong can be seen in the WEB page. The thesis madethe other function of CamIDS is 'portscan'. This function could detect scan ofnetwork by the rate of the number of packets and time.The feature of this funtion istell the series actions of packets.After using the Intrusion Detection System of campus, the thesis analyzed kindsof actions of intrusion which were found in the subnet of 202.204.96.*/24. At theend of the thesis, two things were demonstrated. One of these is the plan of work inIntrusion Detection System of campus. Another is the tendency of intrusiondetection technologies.