• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文会议>The 11th World Multi-Conference on Systemics, Cybernetics and Informatics(WMSCI 2007) Jointly with the 13th International Conference on Information Systems Analysis and Synthesis(ISAS 2007) >A Filter Check System for Defeating Attacks which employ IP Source Address Spoofing
【24h】

A Filter Check System for Defeating Attacks which employ IP Source Address Spoofing

机译:使用IP源地址欺骗的用于抵御攻击的过滤器检查系统

获取原文
获取外文期刊封面目录资料
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

To secure network layer is needed for stable IP network as infrastructure. As TCP SYN flooding attack shows, sender of attack packet generally masquerades as others by spoofing source IP address in the packet. IP network becomes more secure, if backbone network through which IP spoofing packet does not flow can be realized. Egress filtering is a way of not flowing IP spoofing packet into backbone network.Each customer network should activate egress filtering for being an effective stratagem. From not only the view point of IP network security but also suppression of threat to be springboard, egress filter must be applied in all customer networks. However, no tool is ready for easily checking egress filtering. In this paper, we show an egress filter check system which can obtain results of egress filter check on routers in a path to arbitrary host.
机译:为了确保稳定的IP网络作为基础结构,需要保护网络层。如TCP SYN泛洪攻击所示,攻击数据包的发送者通常通过欺骗数据包中的源IP地址来伪装成其他数据包。如果可以实现IP欺骗数据包不流经的骨干网络,则IP网络将变得更加安全。出口过滤是不将IP欺骗数据包流入骨干网络的一种方法,每个客户网络都应激活出口过滤以作为有效的策略。不仅从IP网络安全的角度来看,而且从抑制威胁成为跳板的角度来看,出口筛选器必须应用于所有客户网络。但是,尚无工具可轻松检查出口过滤。在本文中,我们展示了一个出口过滤器检查系统,该系统可以在通往任意主机的路径上的路由器上获得出口过滤器检查的结果。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号