| The development of Internet prompts the advance of whole society greatly, meanwhile imposes on society,economics,education,entertainment etc. In reality the relation of the life of human and Internet becomes closed. The people communicate by Internet, share resource each other. Internet reduces the distance of the people all around, and the earth is called earth-village. At the same time network security becomes the people's focus. Some terms appear in the papers oftentimes, such as Virus,network-attacking.These things often occur, such as the confidential data of government or companies being stolen, computer virus deletes some important data on personal computer. Network security has become government,research,and company focus. The upgrading network attack meanings cause much destroyes and make much more loss. Among the network attack meanings, Denial of Service ( DoS ) is one of important network attack, it mainly uses the bug of network protocol. The Principle of DoS is very simple, meaningwhile the tools of DoS are found easily. Consequently the actions of using DoS tools account for a half of network attack, bringing out much loss. Firewall is a very important network security product, bringing out greatly contributing in maintaining network security aspect. As a very important network security product, the functions and performance of firewall are improving and consummating.DoS attack is a very important network attack meanings, mainly using the bug of network protocol designing, it can make much loss in the other side it is hardly prevented. Historically pure packet filter firewall can only filtrate data packet, it hardly adapts to network defend needs. Stateful inspection firewall is a milestone of the development of firewall. It makes impossible to prevent from DoS attack by checking data packet indepentantly. The packet filter firewall hardly meets the need of network defence. The stateful inspection firewall is a milestone, it checkes data packet by connecting previous data packet. It is possible to prevent DoS attack using stateful inspection firewall.In this paper, the basic research of stateful inspection firewall has been made, enumerating the basic principle and method of DoS attack. In detail analyzing Linux stateful inspection firewall source code, the new defending DoS attack method has been... |
PDF Full Text Request