摘要
Abstract
Distributed Denial of Service (DDOS)is a common and destructive network attack.In order to minimize its impacts on network equipment,this paper presents a Netfilter-based strategy for preventing DDOS attacks on access controllers.Using the improved SYN Cookie technology,it executes a secondary development of Netfilter in the inner core of Linux,realizing a firewall against SYN Flood in DDOS.Test results indicate that this scheme effectively prevents network attacks,ensures the normal service of TCP with little performance loss and saves cost.关键词
网络过滤器/接入控制器/分布式拒绝服务/标识握手信号的本地数据/标识握手信号的洪水攻击Key words
Netfilter/access controller/DDOS/SYN Cookie/SYN Flood分类
信息技术与安全科学
