文献类型：期刊文献

中文题名：Linux防火墙远程控制系统的开发

英文题名：Development of Linux-based firewall remote control system

作者：王晓博[1];张亚东[1];徐刚[1]

第一作者：王晓博

机构：[1]河南财经政法大学计算机与信息工程学院

第一机构：河南财经政法大学计算机与信息工程学院

年份：2015

卷号：30

期号：5

起止页码：98-103

中文期刊名：郑州轻工业学院学报：自然科学版

收录：CSTPCD

基金：国家自然科学基金项目(61309033);河南省基础与前沿技术研究计划项目(132300410438)

语种：中文

中文关键词：防火墙;远程控制;GTK+;DDoS;端口扫描攻击

外文关键词：firewall; remote control; GTK ＋; DDoS; port scan attacks

摘要：针对现有局域网防火墙无法有效监控用户访问行为、恶意攻击等问题,提出基于Linux Socket特定端口的远程控制防火墙方案:利用Linux操作系统平台的动态包过滤技术,将防火墙的包过滤、常用服务配置和IP黑名单功能进行整合;再利用Linux Socket通信程序设计架构实现防火墙的远程控制;然后采用GTK+设计一个基于C/S模式的图形界面客户端管理与配置程序,以便网络管理员配置防火墙策略.测试结果表明,该防火墙系统针对网内用户访问行为控制、网外的DDoS和端口扫描攻击等问题,具备一定的解决能力,并对IPv6数据包过滤策略具备一定的扩展功能,可保障网内各终端的信息安全.
Aiming at problems that the existing LAN Firewall can not monitor user access and hostile attack effectively,the scheme of firewall remote control based on the specific port of Linux Socket was proposed. It used the dynamic packet filter of Linux-based operating system,which integrated the packet filter,common service configuration and IP blacklist; Secondly,it used Linux Socket network program design architecture to realize remote control of firewall; Then,it used the GTK ＋ to design a model of graphical interface client management and configuration program based on C / S model,which could facilitate administrator to configure the firewall. Results of the test showed that this firewall system could solve the control of net user access behavior and many kinds of attacks,such as DDoS Attacks and the Port Scan Attacks,furthermore,it gave extended function to IPv6 data packet filtering strategy to guarantee security of the information from each network terminal.