Network programming and Packets interactions

Greeting,

This month I will start working on my master thesis. My thesis's subject is about network security.

I need to deal with network interfaces and packets.

I've used SharpPcap before to interact with packets but I'm not sure if C# is the most powerful language to deal with network programming and packets.

I worked a bit with Wireshark and I saw how powerful it is, and as you know winsharp is open source developed using C++.

I'm not sure if I should use C# or C++ for network security programming and I want your thoughts about what the best language might be for network programming and packets interaction.

Should I use C#, C++, or Java or something else?

Please give me your advice.

Thank you,

UPDATE

I'm going to do different packet mining by taking each packet and reading each field on it, then using these values, and in same stages I would modify some of the packets' values then resend them back.

I want to control the packet from when it is received by the network interface until it passes to the application layer.

also
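The field-by-field read and modify step described in the update above, as an added C++ example that is not part of the original thread: it parses an IPv4 header, changes the TTL and recomputes the header checksum, since a receiver discards a header whose checksum no longer matches. The function names and the sample header bytes are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

struct Ipv4Fields {
    uint8_t version, ihl, ttl, protocol;
    uint16_t total_length, checksum;
    uint32_t src, dst;
};

static uint16_t be16(const uint8_t* p) { return uint16_t((p[0] << 8) | p[1]); }
static uint32_t be32(const uint8_t* p) { return (uint32_t(be16(p)) << 16) | be16(p + 2); }

// RFC 1071 one's-complement sum; yields 0 when the stored checksum is valid.
uint16_t header_checksum(const uint8_t* h, size_t len) {
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2) sum += be16(h + i);
    while (sum >> 16) sum = (sum & 0xFFFF) + (sum >> 16);
    return uint16_t(~sum);
}

// Bounds-check before reading any field: captured data may be truncated.
bool parse_ipv4(const std::vector<uint8_t>& pkt, Ipv4Fields& f) {
    if (pkt.size() < 20) return false;
    f.version = pkt[0] >> 4;
    f.ihl = pkt[0] & 0x0F;
    if (f.version != 4 || f.ihl < 5 || size_t(f.ihl) * 4 > pkt.size()) return false;
    f.total_length = be16(&pkt[2]);
    f.ttl = pkt[8]; f.protocol = pkt[9];
    f.checksum = be16(&pkt[10]);
    f.src = be32(&pkt[12]); f.dst = be32(&pkt[16]);
    return true;
}

// Change a field, then zero and recompute the checksum before resending.
bool set_ttl(std::vector<uint8_t>& pkt, uint8_t ttl) {
    Ipv4Fields f;
    if (!parse_ipv4(pkt, f)) return false;
    pkt[8] = ttl; pkt[10] = pkt[11] = 0;
    uint16_t c = header_checksum(pkt.data(), size_t(f.ihl) * 4);
    pkt[10] = uint8_t(c >> 8); pkt[11] = uint8_t(c & 0xFF);
    return true;
}

// Constructed sample header (UDP, 192.168.0.1 -> 192.168.0.199); names are illustrative.
std::vector<uint8_t> sample_header() {
    return {0x45, 0x00, 0x00, 0x73, 0x00, 0x00, 0x40, 0x00, 0x40, 0x11,
            0xb8, 0x61, 0xc0, 0xa8, 0x00, 0x01, 0xc0, 0xa8, 0x00, 0xc7};
}
```

In a real tool the byte vector would come from the capture library's receive callback, starting after the link-layer header.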

You'd be able to do network programming using almost any language you want to. If you are equally comfortable in all of the languages you've mentioned, you should determine which system libraries or APIs you will be interfacing with. For example, if you will be doing packet-level network programming on a Unix system, C would probably be your best bet. If you want to integrate with Wireshark, go with C++. If you want to use an Apache Commons component, use Java. I suggest you come up with a more specific set of requirements for your actual program before trying to decide which language to use.

WireShark uses WinPCap so you could go that route as well.

For security application, is that an intrusion detection system or do you actually want to drop offending packets? WinPCap, SharpPCap etc. do not allow you to drop packets; for this you will need to look at some kind of intermediate driver or look at Windows Filtering Platform (WFP)
http://www.microsoft.com/whdc/device/network/WFP.mspx

IMHO, if you can find a callback driver that calls back to user mode and allows you to filter the packets from C# or C++, this would probably be fine for experimental purposes etc. but for a production solution, I think you would need to stick to the kernel level to ensure that you can keep up with the peak volume.

Use C++, Boost and Poco and you can do what you want. Boost asio is: Portable networking, including sockets, timers, hostname resolution and socket iostreams. Poco library also provides solutions for network, cryptography, NetSSL ... and more. For more information you can visit www.boost.org and www.pocoproject.org

If you like, you can use Java - jpcap works well.

I would suggest using C#, since there is a very strong library called Pcap.Net that wraps WinPcap with .NET code. This should make it easy for you to receive, send and interpret different packets of different protocols.
