Personal WIFI hotspot management method based on Windows operating system
Technical Field
The invention belongs to the technical field of computer network security management, and particularly relates to a personal WIFI hotspot management method based on a Windows operating system.
Background
The terminal computer privately connects WIFI at will, and safety risks can be brought to a computer network, even network blockage is caused, so that WIFI hotspots in the computer network need to be effectively managed to ensure safe and stable operation of the computer network. When the user network is large in scale, the WIFI hotspots of a large number of terminal computers in the user network can be effectively managed, a large amount of manpower is required to be input, the working efficiency is very low, and meanwhile, the operation and maintenance cost is increased inevitably. According to the invention, the execution flow of the WIFI hotspot request is analyzed through the reverse Windows operating system WIFI module, and the high-reliability and high-safety management of the terminal WIFI is realized through the drive layer filtering technology. In summary, in order to ensure that the WIFI hotspots in the computer network can be effectively managed, an efficient and safe WIFI hotspot management method is required.
Disclosure of Invention
The invention mainly aims to provide a personal WIFI hotspot management method based on a Windows operating system, which fundamentally and effectively manages the behavior of a terminal computer user in private connection with WIFI and can remotely plan the network hotspot information of all terminal computers in a computer network through a server.
In order to achieve the purpose, the invention adopts the following technical scheme:
a personal WIFI hotspot management method based on a Windows operating system comprises the following steps:
a. the server side generates a legal network hotspot information list:
the server side performs unified planning on all WIFI hotspot information in the network and generates a legal network hotspot information list on the server side;
b. the server side sets network hotspot information of the terminal computer:
the server sets a legal network hotspot information list of the terminal computer to be managed on the server;
the server side informs a terminal computer needing to be managed according to the legal network hotspot information list;
the terminal computer needing to be managed sets that the illegal WIFI hot spot of the terminal computer cannot be connected by utilizing a kernel layer API hooking technology;
c. the terminal computer supervises the change of the network hotspot information of the terminal computer;
the managed terminal computer stores a legal network hotspot information list sent by the server into a legal SSID list of the terminal computer;
the managed terminal computer monitors the change of the network hotspot information of the terminal computer in real time by using a kernel layer API hook technology through an equipment IO control interface.
In the step c, the managed terminal computer sets a hook monitoring program to monitor the device IO control request of the terminal computer by using a kernel layer API hook technology;
the managed terminal computer sets a hook monitoring program to monitor the IO control request of the equipment of the terminal computer in real time, and the method comprises the following steps:
c1. if the managed terminal computer monitors that the terminal computer has a request for the IO control, continuing to execute step c 2; if the managed terminal computer does not monitor that the terminal computer has a request for IO control, executing step c 5;
c2. a managed terminal computer sets a hook monitoring program to acquire parameter information carried by monitoring operation;
the parameter information carried by the monitoring operation comprises an equipment IO request code, an equipment IO request input parameter and an equipment IO request output parameter;
when an equipment IO request code in the parameter information carried by the monitoring operation is an NDIS _ OID query request, inputting the first 4 bytes of a parameter as a request identifier, and outputting the parameter as a system available SSID array;
c3. the managed terminal computer checks whether the IO request code in the parameters carried by the monitoring operation is a WIFI hotspot management request;
if the managed terminal computer checks that the IO request code in the parameters carried by the incoming monitoring operation is equal to the NDIS _ OID inquiry request and the first 4 bytes of the input parameters of the equipment IO request are equal to the system SSID predefined identifier, identifying the request as a WIFI hotspot management request, and continuing to execute the step c 4; if the managed terminal computer checks that the IO request code in the parameters carried by the incoming monitoring operation is not equal to the NDIS _ OID query request, the request is a non-WIFI hotspot management request, and step c5 is executed;
c4. analyzing and managing a WIFI hotspot management request;
the managed terminal computer sets a hook monitoring program to convert the obtained device IO request output parameters in the parameter information carried by the monitoring operation of the terminal computer into an SSID array, circularly compares each node in the SSID array, and traverses the next node in the SSID array if the SSID name of the node in the SSID array is in a legal SSID list of the terminal computer; if the node SSID name in the SSID array is not in the legal SSID list of the terminal computer, deleting the node in the SSID array;
c5. returning parameter information carried by the monitoring operation to an operating system, wherein the parameter information comprises a request equipment IO request code, an equipment IO request input information parameter and an equipment IO request output parameter;
the managed terminal computer monitors the request for device IO control using kernel API hooking technique and executes step c 1.
The invention has the beneficial effects that:
the personal WIFI hotspot management method based on the Windows operating system is suitable for Windows XP and above operating systems, develops a WIFI management function by reverse analysis of the Windows operating system and hooking of a kernel layer, has good universality, is suitable for management of mainstream personal portable WIFI equipment in the market, and fills the gap of the Windows operating system in WIFI management. The technology can be used for realizing management of the blacklist and the white list of the WIFI. Due to the fact that the driver layer equipment control interface is adopted for intercepting, good equipment compatibility and system safety are achieved.
Drawings
Fig. 1 is a flowchart of a personal WIFI hotspot management method based on a Windows operating system according to the present invention;
fig. 2 is a flowchart of step c of the personal WIFI hotspot management method based on Windows operating system of the present invention;
fig. 3 is a schematic structural diagram of an application environment of the embodiment of the present invention.
Detailed Description
The personal WIFI hotspot management method based on the Windows operating system of the present invention is further described in detail below with reference to the accompanying drawings and embodiments.
The personal WIFI hotspot management method based on the Windows operating system can remotely and uniformly plan the network hotspot list of the terminal computer through the server, adopts a real-time monitoring mode for the terminal computer, solves the problems that the network hotspots in a large-scale local area network cannot be managed and the problems that the workload for managing illegal hotspots is large, the efficiency is low, the system resource occupation is high, centralized and uniform planning and automatic maintenance cannot be realized, greatly improves the working efficiency, reduces the operation and maintenance cost, and has a wide application range.
Examples
For example, there are 100 terminal computers in a local area network, terminal computers PC1, PC2, …, PC100, and a SERVER computer (SERVER), and the method for managing personal WIFI hotspots based on Windows operating system of the present invention specifically includes the following steps:
a. the server side generates a legal network hotspot information list:
the server computer uniformly plans WIFI hotspot information of all 100 terminal computers in the local area network, uniformly plans legal network hotspot information from the terminal computer PC1 to the terminal computer PC100 into TP-LINK _001 and TP-LINK _002, and stores legal network hotspot information lists of all 100 terminal computers on the terminal computers;
b. the server side sets network hotspot information of the terminal computer:
the server computer sets a legal network hotspot information list of 100 terminal computers to be managed on the server computer, wherein the legal network hotspot information from the terminal computer PC1 to the terminal computer PC100 is P-LINK _001 and P-LINK _ 002;
the server computer informs 100 terminal computers needing to be managed according to the legal network hotspot information list;
the 100 terminal computers needing to be managed respectively utilize a kernel layer API hooking technology to design that illegal WIFI hotspots of the terminal computers cannot be connected;
c. the managed terminal computer supervises the change of the network hotspot information of the terminal computer;
respectively storing legal network hotspot information lists sent by the server computers into legal SSID lists of the respective terminal computers by the managed 100 terminal computers;
the legal SSID lists are P-LINK _001 and P-LINK _ 002;
the managed terminal computer monitors the change of network hotspot information of the terminal computer in real time by utilizing a kernel layer API hook technology through an equipment IO control interface, and the specific working steps are as follows:
c1. in this embodiment, the managed terminal computer PC100 requests to connect to the non-office WIFI hotspot LINK _ X, so that the managed terminal computer PC100 can monitor that there is a request for IO control of the device on its terminal computer, and continue to execute step c 2; and the managed terminal PC1 to terminal PC99 fail to detect the request of IO control of the device on the terminal computer, and execute step c 5;
c2. the managed terminal computer PC100 sets a hook monitoring program to acquire parameter information carried by a monitoring operation, including an equipment IO request code of 0x0012c804, an equipment IO request input parameter of 0x8cd91200, and an equipment IO request output parameter of 0x8cd 91400;
according to the device IO request code 0x0012c804 in the parameter information carried by the monitoring operation of the managed terminal computer PC100, it can be determined that the device IO request code is an NDIS _ OID query request, so that the first 4 bytes 0xD010217 of the device IO request input parameter in the parameter information carried by the monitoring operation of the managed terminal computer PC100 are a request identifier, the device IO request output parameter is 0x8cd91400, and SSID arrays LINK _ X, P-LINK _001 and P-LINK _002 are available to the system;
c3. the managed terminal computer PC100 checks that the device IO request code 0x0012c804 in the parameters carried in the incoming monitoring operation is equal to the NDIS _ OID query request 0x0012c804, and the device IO request input parameter first 4 bytes 0xD010217 is equal to the system SSID predefined identifier 0xD010217, so that the current request of the managed terminal computer PC100 is identified as a WIFI hotspot management request, and continues to execute step c 4; (if the managed terminal computer PC100 checks that the device IO request code in the parameters carried in the incoming monitoring operation is not equal to the NDIS _ OID query request, then identify this request as a non-WIFI hotspot management request, execute step c 5;)
c4. Analyzing and managing a WIFI hotspot management request;
the managed terminal computer PC100 sets a hook monitoring program to convert the obtained device IO request output parameter 0X8cd91400 in the parameter information carried by the monitoring operation of the terminal computer into SSID arrays LINK _ X, P-LINK _001 and P-LINK _002, and circularly compares each node LINK _ X, P-LINK _001 and P-LINK _002 in the SSID arrays, wherein LINK _ X is not in the SSID legal list, so that the node is deleted, and P-LINK _001 and P-LINK _002 are in the legal list and reserved;
c5. managed terminal computer PC100 sets up parameter information carried by the monitoring operation of the hook monitoring program, including request device IO request code 0x0012c804, device IO request input information parameter 0x8cd91200, and device IO request output parameter 0x8cd91400, to return to its operating system;
the managed terminal computer PC100 monitors its request for device IO control using kernel API hooking technique, and executes step c 1.