Abstract (translated from the Chinese): Among the many network security technologies, firewall technology is one of the most commonly used. This paper first analyses the basic concepts of network security and firewalls, and then designs a comprehensive host firewall for Ethernet environments. The firewall uses packet filtering technology, but makes substantial improvements over traditional packet filtering: keyword filtering rules and dynamic filtering rules based on monitoring the state of TCP connections are added to the packet filtering rule set. An intrusion detection module is also integrated into the firewall, so that the firewall can respond to abnormal conditions on the network, improving the security of the system. The paper also implements the firewall under the Linux operating system and tests its performance.

Keywords: firewall, Linux, intrusion detection, packet filtering technology

The Design of Campus Network Firewall Based on Linux

Zhang Haichun 1, Qu Shuang 2

(1 Computer Department of Shijiazhuang University, Shijiazhuang, Hebei 050035)
(2 Shijiazhuang Information Engineering Vocational College, Shijiazhuang, Hebei 050035)

Abstract: Firewalls are a kind of network security technology in common use. In this paper, the basic concepts of network security and firewalls are analysed first. Then a comprehensive firewall for a host in an Ethernet environment is designed. This firewall uses packet filtering technology, but makes some improvements over conventional packet filtering technology. In the filter rules, a rule based on keywords in the packets and a rule based on stateful inspection of TCP connections are added. Besides these rules, an IDS (Intrusion Detection System) module is integrated into the firewall, which enables the firewall to respond to abnormal states in the network. The IDS module improves the security of the host system. At the end of the paper, the implementation of this firewall under the Linux operating system and the testing of this firewall are described.

Keywords: Firewall, Linux, Intrusion Detection, Packet Filtering Technology
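The abstract describes three layers of rules working together: static packet-filter rules, keyword rules on packet contents, and dynamic rules derived from the observed TCP connection state. The following is an added illustration, not code from the paper, showing how such a rule engine can be combined in a single inspection path; the Packet structure, the verdict strings and the traffic trace are constructed for the example.

```python
from dataclasses import dataclass

@dataclass
class Packet:
    """Constructed packet summary (assumed for this example, not the paper's data structure)."""
    src: str
    sport: int
    dst: str
    dport: int
    flags: set
    payload: bytes = b""

class StatefulKeywordFilter:
    """Static port rules + keyword rules + dynamic rules keyed on TCP handshake state."""
    def __init__(self, allowed_ports, blocked_keywords):
        self.allowed_ports = set(allowed_ports)                 # static packet-filter rule
        self.blocked_keywords = [k.lower().encode() for k in blocked_keywords]
        self.conns = {}   # dynamic rule table: (client, cport, server, sport) -> state

    def inspect(self, p):
        if any(k in p.payload.lower() for k in self.blocked_keywords):
            return "DROP:keyword"                               # keyword rule applies to every packet
        fwd = (p.src, p.sport, p.dst, p.dport)
        rev = (p.dst, p.dport, p.src, p.sport)
        if "SYN" in p.flags and "ACK" not in p.flags:           # new connection: only static rules
            if p.dport not in self.allowed_ports:
                return "DROP:policy"
            self.conns[fwd] = "SYN_SENT"
            return "ACCEPT:new"
        if "SYN" in p.flags and "ACK" in p.flags:               # reply must match a SYN we tracked
            if self.conns.get(rev) == "SYN_SENT":
                self.conns[rev] = "SYN_RECV"
                return "ACCEPT:handshake"
            return "DROP:unsolicited"
        key = fwd if fwd in self.conns else rev
        if key not in self.conns:                               # no dynamic rule covers this packet
            return "DROP:no-state"
        if "FIN" in p.flags or "RST" in p.flags:                # connection teardown removes the dynamic rule
            del self.conns[key]
            return "ACCEPT:close"
        if self.conns[key] == "SYN_RECV" and "ACK" in p.flags and key == fwd:
            self.conns[key] = "ESTABLISHED"                     # third handshake packet from the client
        return "ACCEPT:established"

def run_demo():
    """Constructed trace: client 10.0.0.5:40000 talking to server 10.0.0.1:80."""
    fw = StatefulKeywordFilter(allowed_ports=[80], blocked_keywords=["confidential"])
    c, s = ("10.0.0.5", 40000), ("10.0.0.1", 80)
    trace = [
        Packet(s[0], s[1], c[0], c[1], {"SYN", "ACK"}),                  # SYN-ACK with no prior SYN
        Packet(c[0], c[1], s[0], 22, {"SYN"}),                           # port not in static policy
        Packet(c[0], c[1], s[0], s[1], {"SYN"}),                         # handshake starts
        Packet(s[0], s[1], c[0], c[1], {"SYN", "ACK"}),                  # now matches a tracked SYN
        Packet(c[0], c[1], s[0], s[1], {"ACK"}),                         # handshake completes
        Packet(c[0], c[1], s[0], s[1], {"ACK"}, b"GET /a HTTP/1.0\r\n"),
        Packet(s[0], s[1], c[0], c[1], {"ACK"}, b"200 OK\r\nCONFIDENTIAL report"),
        Packet(c[0], c[1], s[0], s[1], {"FIN", "ACK"}),                  # teardown
        Packet(c[0], c[1], s[0], s[1], {"ACK"}, b"late data"),           # no state remains
    ]
    return [fw.inspect(p) for p in trace]
```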