现代电子技术2012,Vol.35Issue(6):49-52,56,5.
基于Windows内核态个人防火墙的设计与实现
Design and implementation of personal firewall based on Windows kernel mode
何映 1覃以威 1李丹1
作者信息
- 1. 广西师范大学物理科学与技术学院,广西桂林541004
- 折叠
摘要
Abstract
In order to improve the firewall s ability to intercept illegal packets and enhace the security of the host running a Windows OS, a personal firewall was designed and implemented based on Windows kenel mode. It consists of two main parts: application programs which runs in user mode, and driver programs which runs in kernel mode. The received packets are monitored in real-time and the security rules are implemented with the former, and the packets are intercepted with the latter which is designed based on NDIS. The communication between user-mode and kernel-mode inter-process is implemented with the way of driver defined IOCTL. The test results show that this firewall can run stably on Windows platform and can effectively intercept all the illegal packets.关键词
防火墙/NDIS/中间层驱动/Passthru/进程间通信Key words
firewall/NDIS/middleware drive/Passthru/inter-process communication分类
信息技术与安全科学引用本文复制引用
何映,覃以威,李丹..基于Windows内核态个人防火墙的设计与实现[J].现代电子技术,2012,35(6):49-52,56,5.
