100 sets of computer graduation projects
WeChat Mini Program Project Practice
If you need the source code, drop me a message
Table of contents
1. The purpose and significance of topic selection
2. Overview of technologies and methods related to this topic
4. Design environment, methods and measures
1. The purpose and significance of topic selection
The emergence and rapid development of the Internet have brought unprecedented leaps to modern people's production and life. The Internet has become an important tool for expanding personal and business development, and people have entered the information age. The Internet has reduced the entire human society into a village - the "global village", promoted the exchange of information, improved people's work efficiency, and enriched people's lives. People are enjoying all the conveniences brought by the information age and experiencing new feelings in life brought by the Internet. But everything has its advantages and disadvantages. As reliance on the Internet increases, network security issues become more and more obvious. Since hacker attacks and information leaks do not directly cause damage to the system, they often fail to attract people's attention. People always realize the importance of network security only after network security problems occur and bring serious consequences. With the further popularization of the Internet, network security products have gradually entered people's field of vision, and firewalls, as an important tool to guard the user's security door, have attracted more and more attention.
Most of the firewall products currently on the market are only gateway types. Although their functions are quite powerful, they are based on the following assumption: the internal network is safe and reliable, and all threats come from outside the network. Therefore, they cannot protect themselves from the outside but not from the inside. It is difficult to achieve secure communication between hosts in the enterprise's internal LAN, and they cannot well solve the security problem of the host where each dial-up user is located. However, most individuals are not physically connected when surfing the Internet. Within a protected secure network.
Most personal Internet users use the Windows operating system, but the security of the Windows operating system itself is not high. Various Windows vulnerabilities are constantly being announced, and attacks on hosts are increasing. Generally, attacks are implemented by exploiting security vulnerabilities in operating system design and communication protocol security vulnerabilities. For example, fake IP packets are used to deceive both communication parties; bombing attacks are carried out by sending a large number of IP data packets to the host, causing it to collapse; and blue screen attacks are also carried out. Therefore, in order to protect the secure communication of hosts, it is necessary to study effective personal firewall technology.
2. Overview of technologies and methods related to this topic
This design uses the Filter-Hook Driver provided in Win2000 DDK to implement packet filtering. The filter hook driver is a core-mode driver for filtering network packets, which extends the functionality of the system-provided IP filter driver.
The filter hook driver implements a filter hook callback function and registers the callback function in the IP filter driver provided by the system. This callback function is considered a filter hook. When a packet needs to pass through, the IP filter driver will call this filter hook to decide how to handle the arriving and output packets.
Visual C++ 6.0 is a powerful software development platform launched by Microsoft and is one of the preferred development tools for "real programmers". Visual C++ is not just a compiler, it is a comprehensive application development environment. With it, you can make full use of C++ with object-oriented features to develop professional-level Windows applications. It is a C++ implementation that provides a powerful integrated development environment; on the other hand, it provides some C++ class libraries, the most influential of which is MFC. In addition, Visual C++ also integrates a large number of development tools, especially Internet-related development support. Visual C++ 6.0 is based on ANSIC++, and has made a large number of extensions on this basis to adapt to the needs of developing various Windows applications. So far, the vast majority of Windows applications have been developed with Visual C++ 6.0 or its earlier versions, and Visual C++ 6.0 has become the first choice for large-scale software development in the Windows environment.
MFC is a large, extended C++ class hierarchy that makes developing Windows applications easier. MFC is compatible across the entire Windows family, that is to say, whether it is Windows 3.x, Windows 95 or Windows NT, the MFC used is compatible.
3. Main design content
1. Add and delete function modules for filtering rules
To filter packets, a packet filtering firewall needs to filter packets according to user-defined rules. This functional module enables users to add or delete filtering rules.
2. Filter rule display function module
This function is used to display the rules added by the user, and can delete, install, and uninstall each rule, so that the firewall filtering rules can be displayed to the user in great detail.
3. Filtering rule storage function module
This function is used to store filtering rules added by users, accept user operations on each rule, and process the rules according to user operations.
4.File storage function module
The filtering rules added by users can be saved in the form of files for easy storage. After users add rules, they can select a certain rule to save. The firewall will save the rule as a file with the suffix .rul. You can open the firewall next time Load the rule directly.
5.File loading function module
Relative to the file storage function module, this function allows users to import a file with the suffix .rul and save valid rules.
4. Design environment, methods and measures
1. Environment
Operating system: Windows XP
Development environment: visual c++ 6.0
2.Methods and measures
1) Search for information, analyze the relevant functions of the firewall, and write a demand analysis based on the relevant requirements of this graduation project.
2) Comprehensive use of relevant knowledge learned previously, based on demand analysis in design, write system development plans, implementation processes and implementation methods of related issues
3) During development, design and implementation, relevant design documents must be kept.