| With the quick development of Computer network, people’s life becomes moreconvenient. But hackers use the network’s vulnerabilities and exposures to attack usat the same time. Nowadays, hacker’s attack means become more manifold. The oldnetwork technology can’t block the attack. We need a new protection system. Thispaper does research in the above background. The paper’s main purpose is to developa kind of IPS to block the attack in order to defense network security.Firstly, the paper analyzes Snort and firewall technology, uncovers theiradvantage and disadvantage, feature and application range. We find that we can linkSnort and firewall in the end. In this situation, we not only carry out their feature, butuse an new technology—cooperation technology. It provides network protectionsome new ideas. The paper develops IPS based on windows platform under theguidance of the linkage ideology.After analyzing and comparing Snort’s several match algorithms, we propose annew Snort’s match algorithm—MPKR algorithm. It’s a multi-mode match algorithm;it reduces match scale and times, and improves the speed of mode match. The snortwhich has use MPKR algorithm improves much in match rate.Using Snort’s plug-in mechanism, we link snort and IP Filter. After that, ifattack happens, snort alarms firewall, and firewall block the attack several minutes.IPS works under Windows platform. It changes the situation that linkage technologyworks under Linux platform.At last, we test the system and MPKR algorithm, the results show that snort’smatch rate increases, and after finding attack, IPS can block attack in time. Thisprotects host’s security. The results meet expected target. |
PDF Full Text Request