基于WinPcap监听系统的设计与实现

Design and implementation of WinPcap-based sniffer system

从网络数据包及数据包捕获的基本概念出发,给出了利用WinPcap进行网络数据包捕获的基本过程,提出了在包捕获过程中解决丢包问题的双线程办法,设计并实现了一款实用的基于WinPcap的面向中小企业的网络监听系统,重点阐述了系统主要模块—捕包模块的基本工作原理。测试结果表明,所开发的监听系统能有效地对网络的数据进行实时抓捕,并能对数据的协议类型、数据内容、数据流量等主要参数进行分析和显示。

The concept of network data packet and its capture are introduced. And the experiment procedure of the packet capture based on the WinPcap was designed. The dual-thread model was adopted to solve the problem of WinPcap packet loss. A network sniffer system software was designed and implemented. And the main principle of packet capture module was explained. The test results show that the sniffer system can effectively capture the network data on real time, analyze and show the related parameters such as data protocol type, data content and data flow.