开发者

Network programming and Packets interactions

Greeting,

This month I will start working on my master thesis. My thesis's subject is about network security.

I need to deal with network interfaces and packets.

I've used shappcap before to interact with packets but I'm not sure if C# is the most powerful language to deal with network programing and packets.

I worked a bit with wireshark and I saw how powerful it is and as you know winsharp is open source developed using C++.

I'm not sure if I should use C# or C++ for network security programming and I want your through about the best language might be for network programming and packets interaction.

should I use C#, C++, or java or some thing else?

please give me your advice.

Thank you,

UPDATE ..........................

I'm going to do different packet mining by taking each packet and read each field on it then use these values and开发者_开发技巧 in same stages I would modify some of the packets value then resend them back.

I want to control the packet since it received by the network interface until it passes to the application layer.

also


You'd be able to do network programming using almost any language you want to. If you are equally comfortable in all of the languages you've mentioned, you should determine what system libraries or APIs will you be interfacing with. For example, if you will be doing packet-level network programming on a Unix system, C would probably be your best best. If you want to integrate with Wireshark, go with C++. If you want to use an Apache Commons component, use Java. I suggest you come up with a more specific set of requirements for your actual program before trying to decide which language to use.


WireShark uses WinPCap so you could go that route as well.

For security application, is that a intrution detection system or do you actually want to drop offending packets? WinPCap, SharpPCap etc. do not allow you you drop packets, for this you will need to look at some kind of intermediate driver or look at Windows Filtering Platform (WFP)
http://www.microsoft.com/whdc/device/network/WFP.mspx

IMHO, if you can find a callback driver that calls back to user mode and allows you to filter the packets from C# or C++, this would probably be fine for experimental purposes etc. but for a production solution, I think you would need to stick to the kernel level to ensure that you can keep-up with the peek volume.


Use C++, Boost and Poco and you can do what you want. Boost asio is: Portable networking, including sockets, timers, hostname resolution and socket iostreams. Poco library also provides solutions for network, cryprography NetSSL ... and more. For more information you can visit www.boost.org and www.pocoproject.org


You can use java if you like - jpcap works well.


I would suggest using C#, since there is a very strong library called Pcap.Net that wraps WinPcap with .NET code. This should make it easy for you to receive, send and interpret packets different packets of different protocols.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜