| 入侵检测系统Snort工作原理简析 |
| |
| 引用本文: | 晏金,苗放. 入侵检测系统Snort工作原理简析[J]. 数字社区&智能家居, 2009, 0(25) |
| |
| 作者姓名: | 晏金 苗放 |
| |
| 作者单位: | 成都理工大学信息工程学院; |
| |
| 摘 要: | Snort是基于特征检测的IDS(Intrusion Detection System),使用规则的定义来检查网络中有问题的数据包。Snort主要由四个软件模块组成,这些模块使用插件模式和Snort结合,扩展起来非常方便。这四个主要部件包括包捕获/解码引擎、预处理器、检测引擎、输出插件。主要介绍了Snort的处理过程以及Snort的四个主要部件的工作原理。
|
| 关 键 词: | Snort 括包捕获/解码引擎 预处理器 检测引擎 输出插件 |
Analyse the Working Principle of Intrusion Detection System with Snort |
| |
| YAN Jin,MIAO Fang. Analyse the Working Principle of Intrusion Detection System with Snort[J]. Digital Community & Smart Home, 2009, 0(25) |
| |
| Authors: | YAN Jin MIAO Fang |
| |
| Affiliation: | YAN Jin,MIAO Fang (College of Information Engineering,Chengdu University of Technology,Chengdu 610059,China) |
| |
| Abstract: | Snort is a signature-based IDS (Intrusion Detection System), uses rules to check for errant packets in network. Snort has four components, most of which take plug-ins to customize Snort implementation.These components include packet capture/decoder engine, preprocessor,detection engine,output plug-ins. This paper porvides a detail introduction of Snort process and the four main components of Snort. |
| |
| Keywords: | Snort packet capture/decoder engine preprocessor detection engine output plug-ins |
| 本文献已被 CNKI 等数据库收录! |
|
