防火墙是当今网络安全的核心技术,是应对外部网络攻击和威胁的防御的第一线。大多数个人防火墙是在用户模式下处理数据包,所以存在很多的限制。为了更好的得到保护,必须在内核模式下。在用户数量最多的操作系统Windows上,可以很容易的对在内核模式下的NDIS层进行操作。本文清楚地描述了NDIS层框架,以及基于网络行为分析的个人防火墙的设计模型。
Firewall is one of the core technology of network security,is a response to the external network attacks and threats of first-line defense.Most of the personal firewall process packets in user model,so there are many restrictions.In order to protect our data better some operation need to be done under the kernel model.The NDIS by which we can easy do something under the kernel model is introduced in the windows operating system which is the mostly used system in personal computer.This paper describes clearly the framework of the NDIS,and based on the network behavior personal firewall design model.