Abstract
The SYN Flood attack is currently the most popular DoS/DDoS attack method. This paper first introduces methods for detecting and defending against SYN Flood attacks on Linux, with a focus on analyzing the principle by which the dynamic packet filtering mechanism of Netfilter/iptables resists SYN Flood attacks. It then proposes a solution that integrates iptables with an intrusion detection system (IDS), using files as the carrier for data transfer and implemented as shell scripts. Experimental results show that the method can effectively defend against SYN Flood attacks.
Source
Journal of Nanjing University of Posts and Telecommunications: Natural Science Edition
EI
2007, Issue 1, pp. 56-59 (4 pages)
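Funding
Supported by the National High Technology Research and Development Program of China (863 Program) (2004AA775053)
and the Jiangsu Province High Technology Research Program (BG2005037)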