期刊文献+

基于Snort检测端口扫描攻击规则的探讨 被引量:2

Discussion on the rules of snort detection port scan attack
下载PDF
导出
摘要 Snort是一个轻量级的开源网络入侵检测系统,其作为入侵检测工具在入侵防范方面得到了广泛的应用。针对当前服务器容易受到不被日志机制、监测系统和入侵检测系统捕捉的隐蔽端口扫描攻击,文章基于Snort入侵检测系统,分析了端口扫描的基本特征,进行自定义Snort规则,以达到对隐蔽端口扫描攻击的检测和报警效果,更加促进应用层实现安全过滤。 Snort is a lightweight open source network intrusion detection system,which is widely used as an intrusion detection tool in intrusion prevention.In view of the fact that the current server is vulnerable to hidden port scanning attacks that are not captured by the log mechanism,monitoring system and intrusion detection system,this paper analyzes the basic characteristics of port scanning based on Snort Intrusion detection system,carries out custom snort rules,achieves the detection and alarm effect of hidden port scanning attacks,and promotes the application layer to achieve security filtering.
作者 丁佳 Ding Jia(Shandong Weiping Information Security Evaluation Technology Co.,Ltd.,Shandong Jinan 250101)
出处 《网络空间安全》 2020年第10期68-72,共5页 Cyberspace Security
关键词 SNORT入侵检测 端口扫描 入侵防范 snort intrusion detection port scanning intrusion prevention
  • 相关文献

同被引文献9

引证文献2

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部