| Against security issues such as intrusions and attacks, firewall, instrusion detection system and other security technologies are emerged and used widely. Because different security technologies mainly focus on solving a particular aspect of security issues, besides the advancement of technology and the complication of tools, more and more people pay attention to the defense with a variety of network security technologies. Designing a system based on the combination of firewall and IDS to protect the system's security is an important research.In this article, the author presents a method to combinate firewall and IDS based on Netfilter/Iptables architecture in Linux.The system not only makes firewall to block packets based on rules,but also responds on the falte packets.It links to flrewall,finds early warning timely, increases firewalls rules,improves the system's security.The system has realized, its result shows that the system is used simply and works stably,it can defense attacks such as ping attack, SYN flood attack and land attack. |
PDF Full Text Request