A Study And Realization On Network Sniffing Technology Of MFC Net Based On WinPcap

With the rapid development of computer technology, network technology, communication technology and the continuous improvement of the people’s living standard, network security issues become more and more serious. There will be tens of thousands of attacks every second, resulting an enormous loss. Each year, endless stream of reports referring to the network security issues emerge; viruses, worms spread more quickly. More and more funds invested to solve the issue of network security. Network technology to detect areas of network security is an important technology. People can take the initiative to capture all or a specific network packets for analysis in order to identify potential network security problems, avoiding illegal using and attacking by hackers and others. By setting the network card into promiscuous mode, monitoring card, accessing to network packets, and understanding the flow of data and content, it can provide material for network security analysis together with a lock systemThe thesis studies on a network to detect the design and implementation of procedures. The use of the open-source network packet of Windows platform captures development library WinPcap and realize a small network detection program.Elaboration of the basic knowledge and basic principles:it introduces the OSI model, common network protocol, ARP spoofing principle and sniffing technology. We introduce the principle of sniffer, the potential harm brought by sniffer in network communication, and the characteristics of sniffer appearing in the running network. Based on the special attributes of different application protocols of TCP/IP protocol family, an algorithm for the construction of various types of message object is proposed. Filtering algorithm is developed according to the type of Ethernet frame header. It is used to perform protocol analysis for the data packets, and intercepts useful information.By using Visual C++6.0development tools and WinPcap driver development kits, a switched LAN sniffer is developed, and it achieves network sniffing under swithed network environment. Tests are performed for the switched LAN sniffer. Each functional module for the sniffer is tested in detail, and the corresponding test results is obtained.