沙洲职业工学院学报
沙洲職業工學院學報
사주직업공학원학보
JOURNAL OF SHAZHOU POLYTECHNICAL INSTITUTE OF TECHNOLOGY
2014年
1期
3-8
,共6页
入侵检测%Linux%Snort%检测规则%模式匹配
入侵檢測%Linux%Snort%檢測規則%模式匹配
입침검측%Linux%Snort%검측규칙%모식필배
Intrusion Detection%Linux%Snort%Detection rules%Pattern matching
入侵检测是一种用于检测网络中违反安全策略行为,并做出保护反应的技术。从体系结构、基本功能方面对开源的Snort入侵检测系统进行深入分析,构建基于Linux平台的Snort网络入侵检测系统,并以FTP服务为例,阐述了Snort规则的配置,以及对FTP服务进行报警的过程。
入侵檢測是一種用于檢測網絡中違反安全策略行為,併做齣保護反應的技術。從體繫結構、基本功能方麵對開源的Snort入侵檢測繫統進行深入分析,構建基于Linux平檯的Snort網絡入侵檢測繫統,併以FTP服務為例,闡述瞭Snort規則的配置,以及對FTP服務進行報警的過程。
입침검측시일충용우검측망락중위반안전책략행위,병주출보호반응적기술。종체계결구、기본공능방면대개원적Snort입침검측계통진행심입분석,구건기우Linux평태적Snort망락입침검측계통,병이FTP복무위례,천술료Snort규칙적배치,이급대FTP복무진행보경적과정。
Intrusion detection is a kind of technology used to detect the behavior in a network security breach strategy and make the protection of network. This paper makes an in-depth analysis on the open source Snort intrusion detection system from the perspectives of the structure and basic functions of the system, builds Snort network intrusion detection system based on a Linux platform, and expounds the configuration of Snort rules, as well as the process of alarm for FTP service.