Abstract
To improve network security in the face of today's common forms of network attack, this paper studies network packet capture, one of the active defense techniques: packets in transit on the network are actively captured by a self-written program and analyzed to extract useful information. Using promiscuous mode in the TCP/IP protocol, low-level packet capture and analysis were implemented with GCC on Linux, and the experimental results were satisfactory. The technique can serve as an effective management tool for traffic monitoring, fault diagnosis, and real-time monitoring of attacks against the network.
Source
《系统工程与电子技术》
EI
CSCD
PKU Core Journal
2005, Issue 5, pp. 936-941 (6 pages)
Systems Engineering and Electronics
Funding
Supported by the Science and Technology Project Fund of the Chongqing Municipal Education Commission (050301)