The Design and Implementation of Capture Tool of Network Data Packets
Abstract
Capturing network data packets plays an important part in network security because it supports better analysis of network data flow.
This paper describes a network monitoring tool for Windows that focuses on capturing network data packets, analyzing them and displaying the results. For analysis, for example, it checks the IP protocol type, the source IP address, the destination IP address and the port number. Packet capture is the basis for network protocol analysis and network monitoring. In general it can be implemented through Winsock or Winpcap programming, or through NDIS.
The tool uses Winpcap (Windows Packet Capture) to capture data packets. Winpcap is a professional development program for Windows designed to help capture data packets via Libpcap. Winpcap is much more powerful: it not only integrates all the functions of Libpcap but also has some advanced functions.
Using MFC programming in VC++ 6.0, packet capture is implemented by invoking and controlling the functions through a full control panel, and the IP, TCP, UDP and TCP/IP data are then analyzed before being displayed. The captured information can also be saved to a specified destination for more advanced analysis.