基于SSH协议的审计模型设计

Designing of Audit Model Based on SSH Protocol

目前的审计技术主要是基于ftp、pop和telnet等传统应用层协议上开发,通过对系统的日志进行分析,得出审计结果。但是ftp、pop和telnet等传统应用层协议容易让黑客或其他非法人员侵入系统,修改甚至删除日志而造成传统审计技术发挥不出任何作用。文章提出了一种基于高度加密的SSH协议的proxy审计模型——SSHAudit,克服了传统审计技术的不足。

Now, the audit technology mainly were developed based on the ftp, pop , telnet, and other traditional application-level protocol ,and draw the audit results through the log analysis of the system. However, ftp, pop , telnet, and other traditional application-level protocol can readily allow Hackers or other illegal invasive system, modify and even delete the log, the traditional audit techniques will not play any role .So this thesis presented a proxy audit module--SSHAudit based on strong encryption security SSH protocol, which overcame the shortcomings of tradition technology.