Title :
Researh on Network Intrusion Prevention System Based on Snort
Author :
Jiqiang Zhai ; Yining Xie
Author_Institution :
Comput. Sci. & Technol. Coll., Harbin Univ. of Sci. & Technol., Harbin, China
Abstract :
There have been some studies highlighting Network Intrusion Prevention System on Windows platform, whereas the most current available implementations of NIPS on Windows recur to the third party firewalls lack of universality and portability. This study presents a new approach to filter the malicious network traffic by configurating IPSec automatically when detecting dangerous alert by cooperation of Snort and IPSec which is embedded in Windows 2000, Windows XP and Windows Server 2003. Firstly, the dynamic configuration and removal of IP Filter by programming are analyzed. Then the implementation of cooperation of Snort and IPSec is examined dissectionally. Finally, the comprehensive testing of the rewritten Snort is performed. The results of experiments prove this method can insulate and control dangerous data packets efficaciously without the third party firewalls and any amendments in Windows System Kernel.
Keywords :
IP networks; authorisation; computer network security; configuration management; operating system kernels; software portability; IP filter; IPSec configuration; NIPS; Snort; Windows 2000; Windows Server 2003; Windows XP; Windows platform; Windows system kernel; firewalls; malicious network traffic; network intrusion prevention system; portability; universality; Fires; Internet; Kernel; Programming; Switches; Virtual private networks; Cooperation; IPSec; NIPS; Snort;
Conference_Titel :
Strategic Technology (IFOST), 2011 6th International Forum on
Conference_Location :
Harbin, Heilongjiang
Print_ISBN :
978-1-4577-0398-0
DOI :
10.1109/IFOST.2011.6021220
