A Content-Filter-based Stateful Inspection Firewall Using Linux Kernel Modules
碩士 === 國立交通大學 === 資訊管理所 === 91 === In order to control the network of organization and protect the internal network against the attack from external, we implement a stateful inspection firewall based on Linux. This firewall has the advantage of low cost, high performance, and the capabili...
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Others |
| Language: | zh-TW |
| Published: |
2003
|
| Online Access: | http://ndltd.ncl.edu.tw/handle/05607338381440668029 |
| id |
ndltd-TW-091NCTU0396030 |
|---|---|
| record_format |
oai_dc |
| spelling |
ndltd-TW-091NCTU03960302016-06-22T04:14:26Z http://ndltd.ncl.edu.tw/handle/05607338381440668029 A Content-Filter-based Stateful Inspection Firewall Using Linux Kernel Modules 以Linux核心模組實作一個具內容過濾功能之狀態檢測防火牆 Tzong-yn Su 蘇宗崟 碩士 國立交通大學 資訊管理所 91 In order to control the network of organization and protect the internal network against the attack from external, we implement a stateful inspection firewall based on Linux. This firewall has the advantage of low cost, high performance, and the capability of filtering the packet content. The firewall developers may implement a custom firewall by netfilter module of Linux kernel. Using the technology of stateful inspection, we implement the protocol filtering mechanism, protocol command filtering mechanism, protocol content filtering mechanism, dynamic port filtering mechanism of HTTP, FTP, SMTP, POP3, DNS, ICMP. Besides, we can defense DoS attack by setting the Linux kernel network parameters to enhance the security of firewall. Chi-Chun Lo 羅濟群 2003 學位論文 ; thesis 70 zh-TW |
| collection |
NDLTD |
| language |
zh-TW |
| format |
Others
|
| sources |
NDLTD |
| description |
碩士 === 國立交通大學 === 資訊管理所 === 91 === In order to control the network of organization and protect the internal network against the attack from external, we implement a stateful inspection firewall based on Linux. This firewall has the advantage of low cost, high performance, and the capability of filtering the packet content. The firewall developers may implement a custom firewall by netfilter module of Linux kernel. Using the technology of stateful inspection, we implement the protocol filtering mechanism, protocol command filtering mechanism, protocol content filtering mechanism, dynamic port filtering mechanism of HTTP, FTP, SMTP, POP3, DNS, ICMP. Besides, we can defense DoS attack by setting the Linux kernel network parameters to enhance the security of firewall.
|
| author2 |
Chi-Chun Lo |
| author_facet |
Chi-Chun Lo Tzong-yn Su 蘇宗崟 |
| author |
Tzong-yn Su 蘇宗崟 |
| spellingShingle |
Tzong-yn Su 蘇宗崟 A Content-Filter-based Stateful Inspection Firewall Using Linux Kernel Modules |
| author_sort |
Tzong-yn Su |
| title |
A Content-Filter-based Stateful Inspection Firewall Using Linux Kernel Modules |
| title_short |
A Content-Filter-based Stateful Inspection Firewall Using Linux Kernel Modules |
| title_full |
A Content-Filter-based Stateful Inspection Firewall Using Linux Kernel Modules |
| title_fullStr |
A Content-Filter-based Stateful Inspection Firewall Using Linux Kernel Modules |
| title_full_unstemmed |
A Content-Filter-based Stateful Inspection Firewall Using Linux Kernel Modules |
| title_sort |
content-filter-based stateful inspection firewall using linux kernel modules |
| publishDate |
2003 |
| url |
http://ndltd.ncl.edu.tw/handle/05607338381440668029 |
| work_keys_str_mv |
AT tzongynsu acontentfilterbasedstatefulinspectionfirewallusinglinuxkernelmodules AT sūzōngyín acontentfilterbasedstatefulinspectionfirewallusinglinuxkernelmodules AT tzongynsu yǐlinuxhéxīnmózǔshízuòyīgèjùnèiróngguòlǜgōngnéngzhīzhuàngtàijiǎncèfánghuǒqiáng AT sūzōngyín yǐlinuxhéxīnmózǔshízuòyīgèjùnèiróngguòlǜgōngnéngzhīzhuàngtàijiǎncèfánghuǒqiáng AT tzongynsu contentfilterbasedstatefulinspectionfirewallusinglinuxkernelmodules AT sūzōngyín contentfilterbasedstatefulinspectionfirewallusinglinuxkernelmodules |
| _version_ |
1718315086181826560 |