摘要
DDoS(分布式拒绝服务攻击)是一种攻击强度大、危害严重的攻击方式。它利用合理的请求来占用过多的服务器资源,致使服务超载,无法响应其他的请求。netfilter是Linux2.4以后的内核中采用的一个结构清晰,便于扩展优秀的防火墙框架。主要介绍了如何在netfilter基础之上实现一个能防御DDoS攻击的防火墙。
Defense against DDoS (distributed denial-of-service)attacks ;is one of the hardest security problems on the Internet. Attacker usually sends too many requests for service in order to use up the resource on the server, and server can not provide service for teal request because of overloading, netfilter is an excellent firewall framework that has plain structure to extend conveniently adopted during the Linux kernel 2.4 and subsequent versions.This paper introduces how to extend conveniently adopted during the Linux kernel 2.4
出处
《计算机安全》
2009年第2期60-62,共3页
Network & Computer Security
