| With the high-speed development of information technology, people’s demand for network is increasing. Network has been integrated into all aspects of life, and constantly changes the way we deal with affairs in life and interpersonal relationship, but nowadays the network security problem becomes increasingly serious. In network security, attack and prevention are a pair of contradiction, which influences each other and promotes each other. The purpose to study network attack techniques is to have better protection against it. This essay mainly studies the ARP attack process, that is, the data package intercepted process and the technical implementation of high-speed transfer of the data package. The essay is mainly about:First, it studies the working principles of ARP protocol and the ARP deception, ARP frame format, the flaws of the ARP protocol, and the techniques to attack by the usage of ARP vulnerabilities. Second, in this essay, it illustrates the structure and usage of Winpcap development pool system, also the data package capture and protocol parsing process. By using Winpcap development pool within three modules of calling each other programming to realize the ARP deception, so as to achieve the purpose of capturing data package, as well as the programming to realize data package’s high-speed transfering. Third, it studies the data sending and receiving process of the middle tier driver of the NDIS, data packages a copy of the process and the structure of package descriptor, and by using Microsoft Win DDK development kit, on the basis of the middle tier driver of the NDIS, packages intercepted by programming with the function of high-speed transfer. Fourth, with the help of winpcap through Wire Shark caught software to grab, and the middle tier driver of the NDIS to realize high speed package trsnfer, and makes a comparison of critical elements of the two methods, like transfer delay, efficiency and package loss rate. |
PDF Full Text Request