Huzhou City Public Security Network Firewall And Intrusion Detection System Design And Implementation

Nowadays, the growing and thriving network industry which so many merits it has, the dramatic increase in online crime, the uncertainty of online security and other waiting-for-improvement problems make it urgent and necessary to protect the security of the LAN.Firewall as an important measure plays a vital role in protecting Network Security. Firewall is situated between internal network and Internet, it can detect the Internet traffic in the purpose of protecting internal network effectively. If we use anomaly detection technology, we can also discover new network attacks. The examination of the application layer will do no harm to the network performance for Intrusion Detection and other System mainframe is parallel with each other. In a word, IDS is closely linked with the firewall and supplement it effectively.1. The designated intrusion detection system, named NSS, is able to identify as many as 1200 kinds of attacks. These attacks include UDP/TCP ports scan and probe, buffer attack, IP deception attack and other attempting attacks such as DOS, DNS, FTP, NIS, DNS, WEB, DDOS, OS and CGU etc.2. Introduce searching engine technology of"event inspection". By defining the modular description language in respect of its intrusion patterns and the corresponding rules parser, we can describe new attacks in modular description language , add new attacks to logging database and at the same time use the event inspection system to recognize the attacks, which make sure of the expandability of the system and make the update more convenient.3. Design and implement the collaborating mechanism between firewall packet filter system and IDS, which greatly enhance the security of firewall and networks.4. Design and implement the server configuration management system of intelligent firewall, which deals with the client's configuration requests for firewall system. As a result, the remote management of the host becomes easier and safer.5. Make several improvements to Daily Logfile System: The cache technology is used to write the daily logging data on the memory, which solve the problem of the insufficient space of DOM.