当前位置:网站首页>信息安全实验四:Ip包监视程序实现
信息安全实验四:Ip包监视程序实现
2022-07-07 06:38:00 【一顿吃不饱】
一、实验目的及要求
学生在熟悉网络数据通信原理以及TCP/IP协议结构原理的基础上,运用套接字编程实现的网络封包监视技术,有效地探测在网络上传输的数据包信息,通过对这些信息的分析利用是有助于网络安全维护的。要求:
1.熟悉网络数据通信原理以及TCP/IP协议结构原理。
2.掌握Ip包发送和接收过程。
3.在所学知识的基础上自己确定实验方案,画出流程图,独立编程,实现网络监听程序。
4.对获取的数据包进行简单分析。
二、实验内容
将网卡的工作模式设置为混合模式。获取局域网内的某台(多台)主机的MAC地址,捕获到所有经过网卡的数据包,并可从中分析出协议、IP源地址、IP目标地址、TCP源端口号、TCP目标端口号以及数据包长度等信息。
三、实验环境
运行windows的PC机,具有JAVA、VC(windows)等语言编译环境。
四、实验步骤及结果分析
1. 下载安装WinPcap,WinPcap可以为应用程序提供访问网络底层的能力。它用于windows系统下的直接的网络编程。
2. 下载Jpcap.jar包,用于抓包实验运行,jpcap实际上并非一个真正去实现对数据链路层的控制,而是一个中间件,JPCAP调用winpcap/libpcap,而给JAVA语言提供一个公共的接口,从而实现了平台无关性
3.根据Jpcap.jar包的相关类与方法进行实验编写
绑定网络设备
NetworkInterface[] devices = JpcapCaptor.getDeviceList();
for (NetworkInterface n : devices) {
System.out.println(n.name + " | " + n.description);
}
进行抓包
int i = 0; while (i < 10) { Packet packet = jpcap.getPacket(); if (packet instanceof IPPacket && ((IPPacket) packet).version == 4) { i++; IPPacket ip = (IPPacket) packet;//强转 System.out.println("版本:IPv4"); System.out.println("优先权:" + ip.priority); System.out.println("区分服务:最大的吞吐量: " + ip.t_flag); System.out.println("区分服务:最高的可靠性:" + ip.r_flag); System.out.println("长度:" + ip.length); System.out.println("标识:" + ip.ident); System.out.println("DF:Don't Fragment: " + ip.dont_frag); System.out.println("NF:Nore Fragment: " + ip.more_frag); System.out.println("片偏移:" + ip.offset); System.out.println("生存时间:" + ip.hop_limit); String protocol = ""; switch (new Integer(ip.protocol)) { case 1: protocol = "ICMP"; break; case 2: protocol = "IGMP"; break; case 6: protocol = "TCP"; break; case 8: protocol = "EGP"; break; case 9: protocol = "IGP"; break; case 17: protocol = "UDP"; break; case 41: protocol = "IPv6"; break; case 89: protocol = "OSPF"; break; default: break; } System.out.println("协议:" + protocol); System.out.println("源IP " + ip.src_ip.getHostAddress()); System.out.println("目的IP " + ip.dst_ip.getHostAddress()); System.out.println("源主机名: " + ip.src_ip); System.out.println("目的主机名: " + ip.dst_ip); System.out.println("----------------------------------------------"); } }
4.实验结果
实验总结:通过本次实验,我了解了网络数据通信原理,掌握了掌握Ip包发送和接收过程,并通过Jpcap.jar包调用winpacp实现访问网络底层的能力,在程序中引用jpcap类中的方法实现了对IP包的监视和分析
边栏推荐
- (3/8)枚举的不当用法 之 方法参数(二)
- Common short chain design methods
- What is the rating of Huishang futures company? Is it safe to open an account? I want to open an account, OK?
- C language pointer (exercises)
- Leetcode刷题记录(数组)组合总和、组合总和 II
- Chaosblade: introduction to chaos Engineering (I)
- C language pointer (special article)
- Detailed learning notes of JVM memory structure (I)
- [SVN] what is SVN? How do you use it?
- 【Istio Network CRD VirtualService、Envoyfilter】
猜你喜欢
Error: selenium common. exceptions. WebDriverException: Messag‘geckodriver‘ execute
Register address name mapping
Hard core sharing: a common toolkit for hardware engineers
Expérience de port série - simple réception et réception de données
Pytest installation (command line installation)
Reflections on the way of enterprise IT architecture transformation (Alibaba's China Taiwan strategic thought and architecture practice)
MySql数据库-事务-学习笔记
What are the conditions for applying for NPDP?
Reading notes of pyramid principle
Confitest of fixture py
随机推荐
STM32 clock system
Systick滴答定时器
Mysql数据库-锁-学习笔记
Upgrade Alibaba cloud RDS (relational database service) instance to com mysql. jdbc. exceptions. Troubleshooting of jdbc4.communicationsexception
Error: selenium common. exceptions. WebDriverException: Messag‘geckodriver‘ execute
Serial port experiment - simple data sending and receiving
C语言指针(特别篇)
MySQL common statements
Record of structured interview
Troublesome problem of image resizing when using typora to edit markdown to upload CSDN
Mysql database index study notes
Sublime Text4 download the view in bower and set the shortcut key
Interface test API case, data and interface separation
The use of recycling ideas
Pytest+request+allure+excel interface automatic construction from 0 to 1 [familiar with framework structure]
UnityShader入门精要个人总结--基础篇(一)
Expérience de port série - simple réception et réception de données
Idea development environment installation
NVIC interrupt priority management
What are the suggestions for PMP candidates?