| With the expansion of network applications, which brought great convenience to people's lives, while also increasing network security. To enhance the capacity of the network of security, Intrusion Detection, Firewall, Anti-virus software, and network traffic monitoring and other security components are also widely used. But only rely on a single type of network security components that can not meet the existing demand for network security, network security components must be integrated with them to work together to build a three-dimensional depth of defense security system.In this thesis, the network Firewall and Intrusion Detection Systems integration, interactive use of the new concept to intrusion detection based on the results, the system dynamically adjust firewall rules response mechanism, so that the whole system to known and unknown to conduct the illegal invasion effective protection, blocking, do a self-defense, automatic detection, the system has some ability to learn. Small network users to build a more secure protection system. This thesis contains a packet filter firewall system, intrusion detection system of two subsystems. On the iptables user space tools above Linux2.4 formed a new framework for the kernel version of the firewall, intrusion detection rule description language to achieve sub-modules and code are carried out exploratory research.The main contents are:1. Packet filter Firewall subsystem. Analysis of the data packet filtering Firewall, Firewall network location, the data packet processing of a variety of ways, the firewall link tracking; development B/S of firewall management software.2. Intrusion Detection subsystem. Made a useful complement to Firewall, Intrusion Detection System based on Linux. Design rules corresponding parsing engine, can invade description language, support for protocol analysis as the basis for an illegal invasion of the assessment, synchronized with the firewall to respond. |
PDF Full Text Request