windows之家1.windows怎么设置网卡的网卡的混杂模式
网卡混杂模式(Promiscuous Model) 工作在混杂模式下的网卡接收所有的流过网卡的帧,信包捕获程序就是在这种模式下运行的。
一般的网络分析工具,都是通过把网卡设置为混杂模式来获取底层数据流。网卡设置为混杂模式1、网上流传的设置调整网卡属性,是全双工和半双工设置。
2、网卡设置为混杂模式是比较麻烦的,需要通过编程底层来修改。3、常见的抓包工具如 Sniffer ,WinPcap都自动调整网卡混杂模式功能,开启抓包自动调整为混杂模式,关闭停止抓包程序。
恢复正常模式。
2.请教各位高手如何将网卡设置为混杂模式
RtlZeroMemory(&pAdapt->Request, sizeof(NDIS_REQUEST));
ulFilter = NDIS_PACKET_TYPE_PROMISCUOUS ;
pAdapt->Request.RequestType = ;
pAdapt->Request.DATA.SET_INFORMATION.Oid = OID_GEN_CURRENT_PACKET_FILTER;
pAdapt->Request.DATA.SET_INFORMATION.InformationBuffer = &ulFilter;
pAdapt->Request.DATA.SET_INFORMATION. = sizeof(ulFilter);
NdisRequest(Status, pAdapt->BindingHandle, &pAdapt->Request);
或 NdisRequest OID_GEN_CURRENT_PACKET_FILTER ,增加NDIS_PACKET_TYPE_PROMISCUOUS 标志
或 Const
NDIS_PACKET_TYPE_DIRECTED =$0001;
NDIS_PACKET_TYPE_MULTICAST =$0002;
NDIS_PACKET_TYPE_ALL_MULTICAST =$0004;
NDIS_PACKET_TYPE_BROADCAST =$0008;
NDIS_PACKET_TYPE_SOURCE_ROUTING =$0010;
NDIS_PACKET_TYPE_PROMISCUOUS =$0020;
NDIS_PACKET_TYPE_***T =$0040;
NDIS_PACKET_TYPE_MAC_FRAME =$8000;
NDIS_PACKET_TYPE_FUNCTIONAL =$4000;
NDIS_PACKET_TYPE_ALL_FUNCTIONAL =$2000;
NDIS_PACKET_TYPE_GROUP =$1000;
function SetOid(hVxD:THandle; ulOid,ulLength,data:ULong):PBYTE;
var
cbin,cbRet,a:DWord;
ioctl:ULong;
pOidData:PPACKET_OID_DATA;
begin
cbIn := sizeof(PACKET_OID_DATA) + ulLength;
pOidData:= PPACKET_OID_DATA(@InBuff);
if (ulOid = OID_GEN_CURRENT_PACKET_FILTER) then
ioctl := ULONG (IOCTL_PROTOCOL_SET_OID);
fillchar(InBuff, 0, cbIn+1);
pOidData.Oid := ulOid;
pOidData.Length := ulLength;
pOidData.Data[0] := UCHAR(data);
cbRet := QueryPacket( hVxD, ioctl, @InBuff, cbIn, @InBuff, cbIn );
result:=0;
end;
SetOid(hVxD, OID_GEN_CURRENT_PACKET_FILTER, 4, NDIS_PACKET_TYPE_PROMISCUOUS);
转载请注明出处windows之家 » win10网卡设置混杂
