| Applying Internet technology in all possible fields to build information infrastructure is the most technology trend. Although the problem of internet security has became a hot topic of information construction, information security research is an important aspect of computer science absolutely, all sorts of network security technology have been empoldered. But network intrusion events are continuously reported happened in organizations. Though there are several reasons leading to those security accidents, But security problems of internal network are extremely stand out. There are several aspects of internal network security, In this paper, I focus on the problem of unauthorized dialing-up.In common sense, Internet security measures mostly including: firewall, IDS, and cipher mechanisms. However, these network security systems can not thoroughly protect the safety of information network, while computers in intertal network connecting to internet through unauthorized manners, network intrusion may have chances to invade this intranet computer, once this computer is controlled by intrusion, intrusion will access intranet, steal confidential documents through the intranet computer unauthorized ly connecting to internet, even worse intrusion will make intranet paralysis. Because this manner use another link to connect to internet not normal intranet gateway, firewalls have no means to deal with these attacks. In another hand, intrusion can entirely access other computers in intranet with legal status, in practice, IDS can not detect this kind of access forever. Intrusions will use intranet resources with legal LAN user status and without any threats. There are something to be concerned superfluity, unauthorized dial-up always deeply enshrouded, in order to manage these unauthorizedbehaviors may have some difficulties. Some aspects worth considering is that there are multiplicities in internet linking technology, people can choose several manners to connect to internet, such as RAS> ADSL, ISDN> Cable Modem, etc. These technology themselves are diverse in software and hardware, precisely detecting these dial-up behaviors are not easy tasks, and detecting technologies are not consistent. So this kind of unauthorized behaviors are key points of intranet management. Despite there are many molding technologies to detect unauthorized dialing-up, but they all have some limitations. Currently, researchers have unfolded less through and micromesh works relating to this field. Carrying through research on detecting unauthorized dialing-up has significant realistic means.This paper focus on analyzing and researching technologies using for detecting unauthorized dialing-up behaviors generally and thoroughly. Particularly analyzed mainstream dial-up technology in current time. The emphases lies in deeply discussing two technologies used to detect unauthorized dial-up behaviors combined with some experiences from specific project, separately , they are base on network and base on host computer. Also, in this paper some technology designing schemes and concrete codes are being offered. The most important aspect in this paper is that the author has put forward utilizing NDIS HOOK technology to detect unauthorized dial-up of intranet. This technology may efficiently solve the problem of can not detect dial-up using ADSL with manufacturer' s own driver programs , which existing in many unauthorized dial-up detecting software. In the end of this paper there is a contrast table of different detecting dial-up technologies. During the process of research some relative technologies in this paper,I always link my research work with the exploitation of item. The research method of this paper is analysing the problems which are feeding back from item now and again, and solving them ceaselessly, at the same time , the item itself has verified the research work. Owing to this , my research work of Internal network host computer unauthorized dialing-up detecting technology have certain profundity and application value. The significant aspect of this research work worth pointing out is that somefruits of this work has been successfully applied to the development of item, especially, this item has passed the authentication of certain department and now become products extending to market.
|
PDF Full Text Request