CN111556503B - Personal WIFI hotspot management method based on Windows operating system - Google Patents

Abstract

The invention discloses a personal WIFI hotspot management method based on a Windows operating system, which is used for analyzing the execution flow of a WIFI hotspot request through a reverse Windows operating system WIFI module and realizing the effective management of a terminal WIFI hotspot through a driving layer filtering technology. The method comprises the steps that a server generates a legal network hotspot information list, the server sets network hotspot information of a terminal computer, and the terminal computer monitors the change of the network hotspot information of the terminal computer. The method solves the problem that network hotspots cannot be managed in a large-scale local area network, also solves the problems of large work load, low efficiency and incapability of automatic maintenance of illegal hotspot management, greatly improves the working efficiency, reduces the maintenance cost and has wide application range by remotely and uniformly planning a terminal computer network hotspot list and a terminal computer real-time monitoring mode through a server side.

Description

Personal WIFI hotspot management method based on Windows operating system

Technical Field

The invention belongs to the technical field of computer network security management, and particularly relates to a personal WIFI hotspot management method based on a Windows operating system.

Background

The terminal computer is randomly and privately connected with the WIFI, so that safety risks can be brought to the computer network, even network blocking is caused, and therefore, the WIFI hot spot in the computer network needs to be effectively managed to ensure safe and stable operation of the computer network. When the user network is large in scale, the WIFI hot spot of a large number of terminal computers in the user network can be effectively managed, a large amount of manpower is required to be input to set the working efficiency one by one, and meanwhile, the operation and maintenance cost is also likely to be increased. According to the method, the WIFI hotspot request execution flow is analyzed through the reverse Windows operating system WIFI module, and the high-reliability and high-safety management of the terminal WIFI is realized through the drive layer filtering technology. In summary, in order to ensure that WIFI hotspots in a computer network can be effectively managed, an efficient and safe WIFI hotspot management method is needed.

Disclosure of Invention

The invention mainly aims to provide a personal WIFI hotspot management method based on a Windows operating system, which is used for fundamentally and effectively managing the behavior of connecting a terminal computer user with WIFI in a private way, and can remotely program network hotspot information of all terminal computers in a computer network through a server.

In order to achieve the above purpose, the invention adopts the following technical scheme:

A personal WIFI hotspot management method based on a Windows operating system comprises the following steps:

a. The server generates a legal network hotspot information list:

The server side performs unified planning on all WIFI hotspot information in the network, and a legal network hotspot information list is generated on the server side;

b. The server sets network hot spot information of the terminal computer:

The method comprises the steps that a server side sets a legal network hotspot information list of a terminal computer to be managed on the server side;

The server side informs the terminal computer to be managed according to the legal network hotspot information list;

The terminal computer to be managed utilizes a kernel layer API hooking technology to set that illegal WIFI hot spots of the terminal computer cannot be connected;

c. the terminal computer monitors the change of the network hotspot information of the terminal computer;

The managed terminal computer stores the legal network hot spot information list sent by the server into the legal SSID list of the terminal computer;

The managed terminal computer monitors the change of the network hot spot information of the terminal computer in real time through the equipment IO control interface by utilizing the kernel layer API hooking technology.

In the step c, the managed terminal computer uses the kernel layer API hooking technology to set a hooking monitoring program to monitor the equipment IO control request of the terminal computer;

The managed terminal computer sets a hook monitoring program to monitor the equipment IO control request of the terminal computer in real time, and the method comprises the following steps:

c1. If the managed terminal computer monitors that the terminal computer has a request for equipment IO control, continuing to execute the step c2; if the managed terminal computer does not monitor the request of the device IO control of the terminal computer, executing step c5;

c2. the managed terminal computer sets a hook monitoring program to acquire parameter information carried by monitoring operation;

the parameter information carried by the monitoring operation comprises a device IO request code, a device IO request input parameter and a device IO request output parameter;

When the device IO request code in the parameter information carried by the monitoring operation is an NDIS_OID query request, the first 4 bytes of the input parameter are request identifiers, and the output parameter is a system available SSID array;

c3. the managed terminal computer checks whether IO request codes in parameters carried by the incoming monitoring operation are WIFI hotspot management requests or not;

If the managed terminal computer checks that the IO request code in the parameters carried by the incoming monitoring operation is equal to the NDIS_OID query request and the first 4 bytes of the input parameters of the equipment IO request are equal to the predefined identification of the SSID of the system, the request is identified as a WIFI hotspot management request, and the step c4 is continuously executed; if the managed terminal computer checks that the IO request code in the parameters carried by the incoming monitoring operation is not equal to the NDIS_OID query request, the request is a non-WIFI hotspot management request, and step c5 is executed;

c4. analyzing and managing a WIFI hotspot management request;

The managed terminal computer sets a hook monitoring program to convert the acquired device IO request output parameters in the parameter information carried by the monitoring operation of the terminal computer into an SSID array, and circularly compares each node in the SSID array, and if the node SSID name in the SSID array is in the legal SSID list of the terminal computer, the next node in the SSID array is traversed; if the SSID name of the node in the SSID array is not in the legal SSID list of the terminal computer, deleting the node in the SSID array;

c5. the parameter information carried by the monitoring operation comprises a request equipment IO request code, equipment IO request input information parameters and equipment IO request output parameters, and the request equipment IO request input information parameters and the equipment IO request output parameters are returned to an operating system;

the managed terminal computer monitors the request of the IO control of the equipment by using the kernel API hooking technology, and executes the step c1.

The beneficial effects of the invention are as follows:

The personal WIFI hotspot management method based on the Windows operating system is suitable for Windows XP and the operating systems above, and the WIFI management function is developed through reversely analyzing the Windows operating system and hooking the kernel layer. Blacklist and whitelist management of WIFI can be achieved through the technology. The device control interface interception implementation of the driving layer is adopted, so that the device has good device compatibility and system safety.

Drawings

FIG. 1 is a flow chart of a personal WIFI hotspot management method based on a Windows operating system of the present invention;

FIG. 2 is a flowchart of step c of the personal WIFI hotspot management method based on the Windows operating system of the present invention;

Fig. 3 is a schematic structural diagram of an application environment of an embodiment of the present invention.

Detailed Description

The personal WIFI hotspot management method based on the Windows operating system is further described in detail below with reference to the accompanying drawings and embodiments.

The personal WIFI hotspot management method based on the Windows operating system can remotely and uniformly program the network hotspot list of the terminal computer through the server, solves the problem that the network hotspots cannot be managed in a large-scale local area network and the problem that illegal hotspots are managed in a large-scale local area network, has high workload, low efficiency and high system resource occupation, cannot be uniformly planned in a centralized way and cannot be automatically maintained by adopting a real-time monitoring mode of the terminal computer, greatly improves the working efficiency, reduces the operation and maintenance cost and has a wide application range.

Examples

For example, a local area network has 100 terminal computers, terminal computers PC1, PC2, …, PC100, and a SERVER computer (SERVER), and the 100 terminal computers are subjected to network hotspot information management and are ensured to be legal network hotspot information when a network hotspot control request is made, and the personal WIFI hotspot management method based on the Windows operating system of the present invention specifically includes the following steps:

a. The server generates a legal network hotspot information list:

the server computer performs unified planning on WIFI hotspot information of all 100 terminal computers in the local area network, uniformly plans legal network hotspot information of the terminal computer PC1 and the terminal computer PC100 into TP-LINK_001 and TP-LINK_002, and stores legal network hotspot information lists of all 100 terminal computers on the terminal computers;

b. The server sets network hot spot information of the terminal computer:

The server computer sets a legal network hotspot information list of 100 terminal computers to be managed on the server computer, wherein the legal network hotspot information list comprises the terminal computer PC1 and the legal network hotspot information of the terminal computer PC100 as P-LINK_001 and P-LINK_002;

the server side computer informs 100 terminal computers to be managed according to the legal network hotspot information list;

The 100 terminal computers to be managed respectively utilize kernel layer API hooking technology to design that illegal WIFI hot spots of the terminal computers cannot be connected;

c. The managed terminal computer monitors the change of the network hot spot information of the terminal computer;

The managed 100 terminal computers respectively store legal network hot spot information lists sent by the server computers into legal SSID lists of the respective terminal computers;

the legal SSID list is P-LINK_001 and P-LINK_002;

the managed terminal computer monitors the change of network hot spot information of the terminal computer in real time through the equipment IO control interface by utilizing the kernel layer API hooking technology, and the specific working steps are as follows:

c1. In this embodiment, the managed terminal PC100 requests to connect to the link_x of the non-office WIFI hotspot, so that the managed terminal PC100 can monitor that there is a request for device IO control on its terminal PC, and continue to execute step c2; and the managed terminal computers PC1 to PC99 fail to monitor the request of the device IO control on the terminal computers, and execute step c5;

c2. the managed terminal computer PC100 sets a hook monitoring program to acquire parameter information carried by monitoring operation, wherein the parameter information comprises a device IO request code of 0x0012c804, a device IO request input parameter of 0x8cd91200 and a device IO request output parameter of 0x8cd91400;

The device IO request code 0x0012c804 in the parameter information carried by the monitoring operation of the managed terminal computer PC100 can be judged to be an NDIS_OID query request, so that the first 4 bytes 0xD010217 of the device IO request input parameter in the parameter information carried by the monitoring operation of the managed terminal computer PC100 are used as request identifications, the device IO request output parameter is 0x8cd91400, and the system can use SSID arrays LINK_ X, P-LINK_001 and P-LINK_002;

c3. The managed terminal computer PC100 checks that the device IO request code 0x0012c804 in the parameters carried by the incoming monitoring operation is equal to the ndis_oid query request 0x0012c804, and the device IO request input parameter of the device IO request code 0x 001217 is equal to the system SSID predefined identifier 0xD010217, so that the request of the managed terminal computer PC100 this time is identified as a WIFI hotspot management request, and the step c4 is continuously executed; (if the managed terminal computer PC100 checks that the device IO request code in the parameters carried by the incoming monitoring operation is not equal to the NDIS_OID query request, the request is identified as a non-WIFI hotspot management request, step c5 is performed;)

C4. analyzing and managing a WIFI hotspot management request;

The managed terminal computer PC100 sets the hook monitoring program to convert the acquired device IO request output parameter 0x8cd91400 in the parameter information carried by the monitoring operation of the terminal computer to an SSID array link_ X, P-link_001, P-link_002, and circularly compares each node link_ X, P-link_001, P-link_002, link_x in the SSID array not in the SSID legal list, so that the node is deleted, and P-link_001, P-link_002 are in the legal list, so that the node is reserved;

c5. The managed terminal computer PC100 sets a hook monitoring program to send parameter information carried by the monitoring operation of the hook monitoring program to an operating system, wherein the parameter information comprises a request equipment IO request code 0x0012c804, equipment IO request input information parameters 0x8cd91200 and equipment IO request output parameters 0x8cd 91400;

The managed terminal computer PC100 monitors a request for its device IO control using the kernel API hooking technique, and executes step c1.

Claims (1)

1. A personal WIFI hotspot management method based on a Windows operating system comprises the following steps:

a. The server generates a legal network hotspot information list:

The server side performs unified planning on all WIFI hotspot information in the network, and a legal network hotspot information list is generated on the server side;

b. The server sets network hot spot information of the terminal computer:

The method comprises the steps that a server side sets a legal network hotspot information list of a terminal computer to be managed on the server side;

The server side informs the terminal computer to be managed according to the legal network hotspot information list;

The terminal computer to be managed utilizes a kernel layer API hooking technology to set that illegal WIFI hot spots of the terminal computer cannot be connected;

c. the terminal computer monitors the change of the network hotspot information of the terminal computer;

The managed terminal computer stores the legal network hot spot information list sent by the server into the legal SSID list of the terminal computer;

The managed terminal computer monitors the change of network hot spot information of the terminal computer in real time by using a kernel layer API hooking technology through an equipment IO control interface;

the managed terminal computer utilizes the kernel layer API hooking technology to set a hooking monitoring program to monitor the equipment IO control request of the terminal computer;

The managed terminal computer sets a hook monitoring program to monitor the equipment IO control request of the terminal computer in real time, and the method comprises the following steps:

c1. If the managed terminal computer monitors that the terminal computer has a request for equipment IO control, continuing to execute the step c2; if the managed terminal computer does not monitor the request of the device IO control of the terminal computer, executing step c5;

c2. the managed terminal computer sets a hook monitoring program to acquire parameter information carried by monitoring operation;

the parameter information carried by the monitoring operation comprises a device IO request code, a device IO request input parameter and a device IO request output parameter;

When the device IO request code in the parameter information carried by the monitoring operation is an NDIS_OID query request, the first 4 bytes of the input parameter are request identifiers, and the output parameter is a system available SSID array;

c3. the managed terminal computer checks whether IO request codes in parameters carried by the incoming monitoring operation are WIFI hotspot management requests or not;

If the managed terminal computer checks that the IO request code in the parameters carried by the incoming monitoring operation is equal to the NDIS_OID query request and the first 4 bytes of the input parameters of the equipment IO request are equal to the predefined identification of the SSID of the system, the request is identified as a WIFI hotspot management request, and the step c4 is continuously executed; if the managed terminal computer checks that the IO request code in the parameters carried by the incoming monitoring operation is not equal to the NDIS_OID query request, the request is a non-WIFI hotspot management request, and step c5 is executed;

c4. analyzing and managing a WIFI hotspot management request;

The managed terminal computer sets a hook monitoring program to convert the acquired device IO request output parameters in the parameter information carried by the monitoring operation of the terminal computer into an SSID array, and circularly compares each node in the SSID array, and if the node SSID name in the SSID array is in the legal SSID list of the terminal computer, the next node in the SSID array is traversed; if the SSID name of the node in the SSID array is not in the legal SSID list of the terminal computer, deleting the node in the SSID array;

c5. the parameter information carried by the monitoring operation comprises a request equipment IO request code, equipment IO request input information parameters and equipment IO request output parameters, and the request equipment IO request input information parameters and the equipment IO request output parameters are returned to an operating system;

the managed terminal computer monitors the request of the IO control of the equipment by using the kernel API hooking technology, and executes the step c1.