| With the growing popularity of the Internet, the people access to the information more and more conveniently.but it also provides the persons who have the bad intention with a new way of attacking the Internet. On the one hand,the hackers take advantage of the bug in the security system not only access to the basic network protocol but also attack based on the application layer protocol;On the other hand, because of the wide spread of many kinds of computer viruses, the attacks in the Intranet increase sharply. Under such circumstances,it is unable to ensure the security of the network if we only depend on firewall or IDS, it needs tointroduce a more advanced technology------Intrusion Prevention System (IPS). It can analysisany kind of protocol including the application layer protocol in-depth and block the flow of attacking in real-time.Honeypot is a security resource, its value lies in being detected and attacked. On the one hand, honeypot attracts hacking attacks by lefting some bugs, interacting with the hackers and capturing all the hackers' attacks, then honeypot collects information which can develop safty strategies for network administrators to reference; On the other hand, the deployment of honeypot makes hackers spend time on the honeypot and prescinds attention from neighboring networks, so it protects the security of surrounding network.The paper designs a security defense system based on the IPS and honeypot technology through studying the IPS and honeypot technology in-depth,and achieves the IPS and honeypot in the security defense system .Firstly, the article analysises and researches the IPS and the honeypot technology ,and designs a security defense system based on the IPS and honeypot technology;Then the paper analysises the principle of honeyd simply and emphasizes on studying the unit of the snort_inline and the Netfilter through analysising their source code;Besides above all, the paper verifies the function of the security defense system. |
PDF Full Text Request