摘  要

   网络监听一般是指针对局域网的监听技术，在网络中，当信息进行传播的时候，如果将网络接口设置在监听的模式，可以将正在传播的信息截获，从而实现网络监听。常见的监听技术分别对应了局域中的两种连接设备：hub和swith。对于用hub连接的局域网。数据包是向所有主机发送的。对包的选择完全由各主机的以太网卡决定。正常情况下网卡会忽略与自己MAC地址不符的包．但如果网卡工作在“混杂” 模式，它就不会忽略这些包。嗅探器就是工作在这种状态下。对于用swith连接的局域网。这种技术就不管用了，而要用一种ip欺骗的技术。对于ip欺骗，暂不做具体分析。

本论文详细论述了作者在学士学位论文工作期间，对网络监听及信息提取技术的研究,主要是围绕设计一个适用于应用hub的以太局域网中监听程序所遇到的各方面问题展开的。本文首先概述了网络监听技术及其领域，介绍了网络监听的基本原理和常用监听工具说明，说明了本设计的主要任务、意义和所期望达到的效果；紧接着，详细介绍了设计方案的形成和实体各模块实现的过程中所遇到的问题以及这些问题的解决方法；最后介绍了实体的整体框架和各部分源代码。讲述设计方案形成时，主要突出为目标所采用的各种策略、方法和技术。

关键词：网络监听 ；数据捕获；混杂模式；以太网 

ABSTRACT

The network sniff is generally the indicator to the local area network monitor technology, in network, when the information carries on disseminates, if the network connection establishes in the sniff pattern, it may make the information interception which disseminates, thus realization network monitor.The network sniff is difference to use two kinds of link equipments within LAN: Hub and swich. For LAN that use the conjunction of hub. The data pack is to sends out to all hosts .The choice completely from each host net card decision. On normal circumstance, bottom net card would pack neglecting out of accordance with oneself MAC address. but if the net card works at" promiscuous" mode, it can't neglect these packs. Sniffer machine works to under this kind of appearance .For LAN that use the conjunction of swith. This kind of technique ignored to use, but can use a kind of  technique that IP cheat. Cheat to the IP. Do not do the concrete analysis temporary.

This thesis was detailed to discuss the everyone that author study in period of bachelor's degree thesis work, to the network sniff and information withdraw technical research, primarily is around design an sniffer for being applicable to applied hub local area net .This text discuss network sniff technique and its realms all first, introducing basic principle, present condition and classical tools , explaining the main mission, meaning of this design with the result that an expectation attain; Close behind, detailed introduced to design the formation of the project with the method of solution between the problem of each mold of entity  met in process Introduced the frame of the whole of the entity finally with each parts of functions and source code. While relating to design the project formation, it main outstanding for target an every kind of strategy, method for adopting with technique.

Key words：network sniffer；data capture； promiscuous mode； Ethernet