基于PHP的校園網(wǎng)防火墻的配置與實(shí)現(xiàn)
發(fā)布時(shí)間:2018-10-10 11:10
【摘要】:隨著互聯(lián)網(wǎng)技術(shù)的高速發(fā)展,校園網(wǎng)已成為高等院校校內(nèi)外進(jìn)行信息共享、信息交流、對(duì)外宣傳等的重要平臺(tái)。然而,校園網(wǎng)在為高校的信息化建設(shè)帶來種種生機(jī)的同時(shí),也對(duì)校園的傳統(tǒng)安全體系帶來了嚴(yán)峻的挑戰(zhàn)。尤其是隨著高校信息化的不斷加快,高等院校的網(wǎng)絡(luò)中都存儲(chǔ)著大量的信息資料,,學(xué)校的教學(xué)、科研、管理和服務(wù)等工作越來越依賴于校園網(wǎng),一旦網(wǎng)絡(luò)安全出現(xiàn)問題,將造成信息丟失或不能及時(shí)流通,或者被篡改、增刪、破壞、竊用,這都將給學(xué)校帶來難以彌補(bǔ)的巨大損失。校園網(wǎng)的安全性如果得不到保障,則必然會(huì)成為高校信息化建設(shè)的障礙。而防火墻在校園網(wǎng)的安全性上就起到了非常好的保護(hù)作用,它使得入侵者要接觸目標(biāo)計(jì)算機(jī)之前,都必須先穿越防火墻的安全防線。因此,一款高性能的防火墻對(duì)校園網(wǎng)的安全性就起到了至關(guān)重要的作用。 為完善校園網(wǎng)安全防御體系,本文以開發(fā)一款適合華聯(lián)學(xué)院校園網(wǎng)安全模型的智能型防火墻為切入點(diǎn),為華聯(lián)學(xué)院建立一種能保障本校校園網(wǎng)安全的多維的校園網(wǎng)安全模型。本防火墻采用包過濾技術(shù),是建立在FreeBSD平臺(tái)上的一款I(lǐng)PFilter軟件防火墻。由于在FreeBSD內(nèi)核里進(jìn)行IPFilter防火墻的配置涉及編寫規(guī)則,對(duì)于一般的管理員是比較難理解的,這樣可能就會(huì)導(dǎo)致管理員不能進(jìn)行正確的配置。本文基于PHP語言來建構(gòu)一個(gè)網(wǎng)站,并在此網(wǎng)站上實(shí)現(xiàn)對(duì)IPFilter防火墻的配置,它具備過濾、狀態(tài)檢測(cè)、NAT、流量控制、智能防御等多種功能。這款防火墻將為校園網(wǎng)的安全體系建立起第一道安全的防線。但防火墻的設(shè)置只是校園網(wǎng)安全模型的第一步,該防火墻有著其不足之處,如它并不具備防范來自高層協(xié)議上的不安全因素、不具備入侵檢測(cè)等功能,此智能防火墻的功能還需進(jìn)一步優(yōu)化。同時(shí)要完善校園網(wǎng)安全模型還需考慮其他安全策略,例如網(wǎng)絡(luò)設(shè)備的軟硬件、校園網(wǎng)用戶的安全意識(shí)等都是不可缺少的考慮因素。 通過對(duì)本防火墻系統(tǒng)的測(cè)試及運(yùn)行,本防火墻系統(tǒng)更適合華聯(lián)學(xué)院校園網(wǎng)安全系統(tǒng)的應(yīng)用。與內(nèi)核防火墻相比,它具備界面直觀、操作簡(jiǎn)單、功能齊全等特點(diǎn),對(duì)整個(gè)校園網(wǎng)絡(luò)安全起到了較好的防御作用。
[Abstract]:With the rapid development of Internet technology, campus network has become an important platform for information sharing, information exchange and publicity in and out of colleges and universities. However, the campus network not only brings all kinds of vitality to the information construction of colleges and universities, but also brings severe challenges to the traditional security system of the campus. In particular, with the rapid development of information technology in colleges and universities, a large number of information materials are stored in the network of colleges and universities. The teaching, scientific research, management and service of colleges and universities depend more and more on the campus network. Once the network security problems arise, Information will be lost or unable to circulate in time, or be tampered with, added, deleted, destroyed, stolen, which will bring irreparable huge losses to the school. If the security of campus network can not be guaranteed, it will inevitably become an obstacle of information construction in colleges and universities. Firewall plays a very good role in the security of campus network. It makes intruders have to pass through the firewall security line before they can contact the target computer. Therefore, a high-performance firewall on campus network security plays a vital role. In order to perfect the security defense system of campus network, this paper starts with the development of an intelligent firewall suitable for the security model of campus network of Hualian University, and establishes a multi-dimensional security model of campus network for Hualian College. This firewall uses packet filtering technology, is built on the FreeBSD platform of a IPFilter software firewall. Because the configuration of the IPFilter firewall in the FreeBSD kernel involves writing rules, it is difficult for the general administrator to understand, which may result in the administrator unable to configure correctly. This paper constructs a website based on PHP language, and implements the configuration of IPFilter firewall on this website. It has many functions, such as filtering, state checking, traffic control, intelligent defense and so on. The firewall will create the first line of security for the security system of the campus network. However, the setting of firewall is only the first step of the campus network security model. The firewall has its shortcomings, such as it does not have the function of preventing the unsafe factors from the high-level protocol, not having the function of intrusion detection, etc. The function of this intelligent firewall needs to be further optimized. At the same time, other security strategies should be considered in order to perfect the security model of campus network, such as the hardware and software of network equipment, the security consciousness of campus network users and so on. Through the test and operation of the firewall system, the firewall system is more suitable for the application of campus network security system of Hualian University. Compared with the kernel firewall, it has the features of intuitive interface, simple operation and complete functions, which plays a better defensive role in the security of the whole campus network.
【學(xué)位授予單位】:華南理工大學(xué)
【學(xué)位級(jí)別】:碩士
【學(xué)位授予年份】:2014
【分類號(hào)】:TP393.08;TP393.18
本文編號(hào):2261540
[Abstract]:With the rapid development of Internet technology, campus network has become an important platform for information sharing, information exchange and publicity in and out of colleges and universities. However, the campus network not only brings all kinds of vitality to the information construction of colleges and universities, but also brings severe challenges to the traditional security system of the campus. In particular, with the rapid development of information technology in colleges and universities, a large number of information materials are stored in the network of colleges and universities. The teaching, scientific research, management and service of colleges and universities depend more and more on the campus network. Once the network security problems arise, Information will be lost or unable to circulate in time, or be tampered with, added, deleted, destroyed, stolen, which will bring irreparable huge losses to the school. If the security of campus network can not be guaranteed, it will inevitably become an obstacle of information construction in colleges and universities. Firewall plays a very good role in the security of campus network. It makes intruders have to pass through the firewall security line before they can contact the target computer. Therefore, a high-performance firewall on campus network security plays a vital role. In order to perfect the security defense system of campus network, this paper starts with the development of an intelligent firewall suitable for the security model of campus network of Hualian University, and establishes a multi-dimensional security model of campus network for Hualian College. This firewall uses packet filtering technology, is built on the FreeBSD platform of a IPFilter software firewall. Because the configuration of the IPFilter firewall in the FreeBSD kernel involves writing rules, it is difficult for the general administrator to understand, which may result in the administrator unable to configure correctly. This paper constructs a website based on PHP language, and implements the configuration of IPFilter firewall on this website. It has many functions, such as filtering, state checking, traffic control, intelligent defense and so on. The firewall will create the first line of security for the security system of the campus network. However, the setting of firewall is only the first step of the campus network security model. The firewall has its shortcomings, such as it does not have the function of preventing the unsafe factors from the high-level protocol, not having the function of intrusion detection, etc. The function of this intelligent firewall needs to be further optimized. At the same time, other security strategies should be considered in order to perfect the security model of campus network, such as the hardware and software of network equipment, the security consciousness of campus network users and so on. Through the test and operation of the firewall system, the firewall system is more suitable for the application of campus network security system of Hualian University. Compared with the kernel firewall, it has the features of intuitive interface, simple operation and complete functions, which plays a better defensive role in the security of the whole campus network.
【學(xué)位授予單位】:華南理工大學(xué)
【學(xué)位級(jí)別】:碩士
【學(xué)位授予年份】:2014
【分類號(hào)】:TP393.08;TP393.18
【參考文獻(xiàn)】
相關(guān)期刊論文 前8條
1 馬軼文;;電力信息網(wǎng)的安全體系建設(shè)[J];山西電力;2005年06期
2 張俊祥;;高校校園網(wǎng)絡(luò)安全現(xiàn)狀分析與解決策略[J];數(shù)字技術(shù)與應(yīng)用;2011年09期
3 褚建立;馬雪松;;基于七級(jí)防護(hù)安全模型的校園網(wǎng)病毒防護(hù)措施[J];網(wǎng)絡(luò)安全技術(shù)與應(yīng)用;2007年06期
4 孫曉樂;高東懷;靳豪杰;;多維校園網(wǎng)安全模型研究[J];現(xiàn)代電子技術(shù);2011年21期
5 李勇,宋曉霞;一種基于分布式防火墻的校園網(wǎng)安全模型[J];雁北師范學(xué)院學(xué)報(bào);2004年06期
6 田密;史維峰;張瑞;;利用防火墻和入侵檢測(cè)構(gòu)建校園網(wǎng)安全模型[J];延安大學(xué)學(xué)報(bào)(自然科學(xué)版);2008年04期
7 陸峰驊;;校園網(wǎng)安全與防范研究[J];科技資訊;2010年32期
8 叢蓉,王秀坤,劉云飛,周巖;一種基于多維分析的校園網(wǎng)安全模型[J];中國(guó)醫(yī)學(xué)教育技術(shù);2004年04期
本文編號(hào):2261540
本文鏈接:http://sikaile.net/guanlilunwen/ydhl/2261540.html
最近更新
教材專著
