Windows File Monitoring and Management System
As network technology develops and network speeds increase, monitoring-based technical support will gradually become the mainstream form of technical support. This paper describes a monitoring program developed for Windows that uses the WinSock API. The techniques and methods involved in monitoring are explained in detail at the function-prototype level so that they are easy to understand. The paper first introduces the basic concepts of Socket programming, on which the monitoring is built, and the Windows message system. Starting from the creation of a socket, it then analyzes and implements each functional module in turn, from automatic startup, to shutdown, to the monitoring management functions, and then focuses on the concrete implementation of each module, especially file management and monitoring management. The program's full name is "File Monitoring Program for Windows", and it is a utility tool. The analysis and design of this program offer some help for building larger software projects. In reverse engineering, the program can be used to analyze a process's file reads and writes, which is of some help in project development. The program is developed in a Java development environment and uses DLL hooking, API interception and related techniques to monitor the file reads and writes of a target process.
Keywords: file monitoring; utility software; DLL hooking; API interception
Table of Contents