Finally, after it analyses the implementation mechanism of dynamic packet filter module and network address translation module in such embedded firewall system, the paper implements the embedded Linux firewall system on the ES860 hardware platform designed by local lab.
1. Dynamic packet filter model: The dynamic packet filter that comes with netfilter is relatively easy, and only saves the source address and port, object address and port in a connection state table, with little connection message and low security.
In this paper, the detection and protection of the SYN Flood attack in Linux are introduced first. The principle that defends the SYN Flood attack based on the Netfilter/iptables dynamic packet filter mechanism is analyzed and then a solution integrated with iptables and Intrusion Detection System (IDS) is proposed. Documents are chosen as the carrier of data transmission in this solution, which is programmed in shell script.
Chapter three and chapter four have introduced Agent technology and Dynamic Packet Filter technology respectively, and these two techniques will be applied to a Host-based Distributed Intrusion Detection System, which will be put forward in chapter six.
In chapter IV, I discussed the deficiency and shortcoming of IPCHAINS firewall, the dynamic packet filtering under the framework of NETFILTER, analyzed the connection tracking of FTP application protocol, and implemented the connection tracking of IRC application protocol by myself. For the moment, the firewall with the function of Traffic Management is very popular in the market.
The paper analyzed the framework and function of Distributed Firewall System, and made a deep study of its three important functions: MAC Address Filtering, Dynamic Packet Filtering and Traffic Management.
The article analyzes the work theory of dynamic packet filtering technique and framework of Netfilter in Linux, discusses in detail the method of implementing dynamic packet filtering technique on the basis of Netfilter. At last, the design and implementation of it is finished.
Discrete Fourier transform based on the time domain sequence TCP flow sample x(n) (0,1) standardization sequences. RoQ attack is detected according to its periodicity etc. A strategy to defend against the RoQ attack is proposed.
This paper describes the design and implementation of a new dynamic packet filtering solution that allows users to specify several IP filters simultaneously with almost no packet loss even on highly-loaded gigabit links.
In the dynamic packet filtering function, the TCP header is identified whether it belongs to a new connection or not.
In this work we develop a system that uses dynamic packet filtering and buffering to enable effective bulk recording of large traffic streams.
Stateful packet inspection or dynamic packet filtering refers to a more capable set of filtering functions on routers.
Based on the inherent deficiency of the traditional firewall, this article mainly elaborates security structure of new type firewall, such as active packet filter and distributed firewall.
Today, the security of network is becoming more and more important. Dynamic packet filtering technique, which acts as a more useful firewall technique, plays a key role in the security of network. The article analyzes the work theory of dynamic packet filtering technique and framework of Netfilter in Linux, discusses in detail the method of implementing dynamic packet filtering technique on the basis of Netfilter. At last, the design and implementation of it is finished.
On the basis of introducing the conception and the function of firewall, this article mainly analyzes the working mechanism of dynamic packet filter firewall and proxy server firewall. In the end, the library network example is given to introduce the two kinds of firewall technology in detail.