The Design And Prototype Implementation Of Linkage System With IDS And Firewall In LINUX System

Network security is getting more and more important. Diverse security techniques such as firewall, intrusion detection, anti-virus have been wildly applied. But relying solely on a single network security component, the needs of existing network security cannot be met. They must be combined to achieve three-dimensional depth of defensive security system.Because of their complementarities,the linkage of IDS and firewall is important in the whole linkage system.Through the LINUX platform and WINDOWS platforms Comparative analysis of various aspects, the paper finally selected the linkage between IDS and firewall in the LINUX environment for research.This paper summarizes the firewall works and classification, IDS and the principle of classification, as well as their respective advantages and disadvantages of the IDS and firewall will be linked to the feasibility. By studying the current state of development of interaction technology, found that the existing IDS and firewall, if not the same company's products, and the linkage between the two companies must be in accordance with some kind of agreement between the establishment of a public interface, so have a certain Limitations. In such cases, the paper proposes a new linkage programme, the programme is linked by a third party intermediary model, it does not depend on whether the products between the linkage agreement and a unified interface.The Programmer of the paper based on the alert of IDS,according to the output of readable warning of IDS,construction of a regular expression to match,then acquisition, analysis, refining the alarm system linked to information and then issued orders to the firewall. Use the firewall to block invasion of conduct.Above all,the linkage system is put into implementation. After analyzing the idea of the paper, some work must be done to validate this idea, it elaborates the principle and work flow of snort, analyzes the alert file of snort .At the same time, it analysis of the filtering processes and operations of iptables.The feasibility of the linkage system designed by the paper is proved according to the simulation experiment. At last, aggregate the work this paper have done, and do some outlook to next work.