| As an important branch of network's security, firewall technologies attract more and more attention. At present, there are many types of firewall based on Linux which have their own properties. But this firewalls have drawbacks to protect DoS attack. So, this paper studies this field.At first, the paper introduces essential knowledge about firewall, including its strategies, characteristics and technologies, and summarizes main firewall's types at present so as to get an overview of firewall. Then, the paper analyzes how netfilter, namely Linux firewall's kernel level component, implements firewall's functions and abstracts important data structure and data stream. Based on knowledge above, this paper studies the firewall which can defend common DoS attack: â‘ Analyzing the traditional algorithms, this paper gives an proposed algorithm which protects against SYN flooding attack more effectively and preserves a high throughput. â‘¡Analyzing the teardrop and Smurf attacks and indicating a few weaknesses, the paper gives solutions .Through tests on the firewall, it can meet the requirement and protect against DoS attacks effectively.Finally, this paper introduces the development of firewall's new technologies, as follows: stream filtering, intelligent firewall, kernel check, kilomega firewall and distributed firewall.
|
PDF Full Text Request