| Summary: | 碩士 === 國立交通大學 === 資訊管理所 === 91 === In order to control the network of organization and protect the internal network against the attack from external, we implement a stateful inspection firewall based on Linux. This firewall has the advantage of low cost, high performance, and the capability of filtering the packet content. The firewall developers may implement a custom firewall by netfilter module of Linux kernel. Using the technology of stateful inspection, we implement the protocol filtering mechanism, protocol command filtering mechanism, protocol content filtering mechanism, dynamic port filtering mechanism of HTTP, FTP, SMTP, POP3, DNS, ICMP. Besides, we can defense DoS attack by setting the Linux kernel network parameters to enhance the security of firewall.
|
|---|
