The Research And Implementation Of Campus Network Security System Based On Honeynet

With the rapid development of computer network technology, in the university campus network applications are increasingly widespread.The application of the campus network university in teaching, office, research and other aspects of earth-shaking changes have taken place, changing the traditional business forms and university teaching, has become an indispensable teaching university under the weight of office tools. At present, various colleges and universities have begun to use their own office network systems and learning management system and other management platforms, which also makes the work of colleges and universities are increasingly dependent on the campus network. The use of the campus network platform so that colleges and universities in the allocation of resources management, information processing, resource sharing and other aspects of teaching played a positive role in promoting simplified workflow, reduced labor intensity, save a lot of manpower and resources and improve the work efficiency, development for the college made an indelible contribution. However, due to the characteristics of its own network network allows us to enjoy the convenience brought to us but also brought us a series of problems that face a variety of network security problem. Campus network as part of the Internet is also faced with this or that network security threats, a series of campus network security problems are constantly appearing and happening. Especially in recent years, the frequent occurrence of the campus network security, such as worms, Ddos attacks and other attacks have to our campus network and the varying degrees of damage caused by blow. With the continuous development of hacking, attack tools and techniques are constantly updated and improved means of attack is endless, the attacker is no longer necessary skills and knowledge are too many hackers can easily use the attack tools at any time and any site launched attacks on the network. These are serious threats to the campus network information security, and even devastation, making the network to its knees, the management system can not function properly, affecting the normal teaching and office. In view of this situation, how to design and deploy networks, to take effective network security technology, to build a secure and reliable campus network architecture, has become an unavoidable University faced a serious problem.Currently, our network security technology is the main use of firewalls, intrusion detection, the use of these technologies so that network security situation to a certain degree of improvement, but these techniques are usually based on rules and feature matching approach to detect intrusions and attacks behavior, for example, a firewall is to first establish its own identity to the rule base and then scan the data and rules database feature matching to detect attacks, attack detection and protection in order to achieve the purpose of the system. Obviously, this method can detect only features have been included into the library of known attacks, for unknown types of attacks can not respond well, often these attacks have occurred and caused our system to the ring after the break, to know they are attacking, the attack signatures to put the signature collected in the attack in the future to respond. Thus, the protection technology is a lot of limitations, can detect the known attacks, and unknown attacks do nothing, and always in a passive position. However, as technology continues to attack the development of new means of attack is emerging, the network security technology even more powerless.To this end, we need a campus network to function with the active defense system for network security protection for known and unknown to the new means of attack can be effective protection and proactive prevention, honeynet technology is such that active defense network security technology.This paper describes a new technique of active intrusion prevention (Intrusion Prevention System, IPS)---Honeynet, Honeynet technologies through the traditional firewall, intrusion detection and other existing technical means to build a valid and reasonable Campus active intrusion prevention network security architecture. The paper also used in the system the key technology to achieve specific functions, and its main function was tested. Test results show that the system can be a very good run in the campus network and can detect known and unknown attacks, these attacks can effectively prevent and suppress, on the campus network so as to achieve effective security.