Starting from the conception of firewall, the essay probes into the three major technologies——the packet filter, the proxy and the stateful inspection and analyses four kinds of fire architectures: screening router, dual homed, screen host and screened subnet.
The design consists of several modules: Package Capture Module, Package Filter Module, State Inspection Module, Intrusion Detection Module, NAT Module, Access Control Module, Audit and Log Module, Flow Management Module, and Authentication Module.
Systematically elaborates implementation method and the step of network sniffer and the package filter,and gives a thorough analysis to Libpcap/Winpcap, finally,summarizes some application difficulties about sniffer.
The construction of the system of package filter fire wall under Netfilter/iptables frame and encrypting transmission of data information under SSL agreement channel are expatiated in detail with security certification of system. All these offer effective measures for securely transmission of coal mine data information.
On one hand, access control function based on package filter was achieved in CISCO and Bay routers. On the other hand, domain name filter function based on conditional forwarding was accomplished in the DNS servers applied Windows and Unix operation systems.
At first, this paper introduces the development process of intrusion detection system. Then by analyzing the log information of packet-filtering firewall, we construct a closing-real-time network intrusion detection system based on firewall log information.
The integration of XML packet filtering and finger table based routing in structured overlay networks provides an elegant base for the proposed SONNET system, upon which the optimization techniques are studied.
Real-time optimisation of access control lists for efficient Internet packet filtering
It is significant that neither access control nor packet filtering is guaranteed to prevent the spread of this mail-attachment-type Trojan horse computer worm.
Popular packet filtering technologies enable users to specify complex filters but do not usually allow multiple filters to be specified.
This paper describes the design and implementation of a new dynamic packet filtering solution that allows users to specify several IP filters simultaneously with almost no packet loss even on highly-loaded gigabit links.