摘要
分析了高速 IP网络的特点 ,并针对典型的 VPN(Virtual Private Network)协议 (IPSec和 PPTP)设计了基于L inux操作系统的 IP网络高速监视器 ,该监视器能对高速 IP网络中的 VPN通信进行实时监视和实时干扰 .试验结果表明该高速监视器能够处理 80 0 Mbp/ s的流量 ,能够对 VPN协议 (IPSec、PPTP)进行实时阻断 ;从接收 IP数据包→策略匹配→发现该数据包违规→发送干扰数据包耗时约为 0 .0 5 5
Based on the problem of the watch of high speed IP(Internet Protocol) network, this paper presents a model that monitors and interdicts the illegal VPN(Virtual Private Network) connection(IPSec protocol and PPTP protocol) on high speed IP network based on network structure of Linux Operating System.The model consists of three parts:monitoring module, analysis module, interdiction module.At last, this paper implements the model and tests it. It receive the network flow from the SPAN(Switched Port Analyzer)port of switch or router, and analyses network flow (about 800Mbp/s), and interdicts the illegal VPN connection for about 0.055ms after finding the illegal VPN communication.
出处
《小型微型计算机系统》
CSCD
北大核心
2004年第4期547-549,共3页
Journal of Chinese Computer Systems
基金
国家自然科学基金 ( 60 0 73 0 46)资助
关键词
高速网络
实时监视
实时干扰
high speed network
real time monitoring
real time interdiction
