基于PHP的校园网防火墙的配置与实现
发布时间:2018-10-10 11:10
【摘要】:随着互联网技术的高速发展,校园网已成为高等院校校内外进行信息共享、信息交流、对外宣传等的重要平台。然而,校园网在为高校的信息化建设带来种种生机的同时,也对校园的传统安全体系带来了严峻的挑战。尤其是随着高校信息化的不断加快,高等院校的网络中都存储着大量的信息资料,,学校的教学、科研、管理和服务等工作越来越依赖于校园网,一旦网络安全出现问题,将造成信息丢失或不能及时流通,或者被篡改、增删、破坏、窃用,这都将给学校带来难以弥补的巨大损失。校园网的安全性如果得不到保障,则必然会成为高校信息化建设的障碍。而防火墙在校园网的安全性上就起到了非常好的保护作用,它使得入侵者要接触目标计算机之前,都必须先穿越防火墙的安全防线。因此,一款高性能的防火墙对校园网的安全性就起到了至关重要的作用。 为完善校园网安全防御体系,本文以开发一款适合华联学院校园网安全模型的智能型防火墙为切入点,为华联学院建立一种能保障本校校园网安全的多维的校园网安全模型。本防火墙采用包过滤技术,是建立在FreeBSD平台上的一款IPFilter软件防火墙。由于在FreeBSD内核里进行IPFilter防火墙的配置涉及编写规则,对于一般的管理员是比较难理解的,这样可能就会导致管理员不能进行正确的配置。本文基于PHP语言来建构一个网站,并在此网站上实现对IPFilter防火墙的配置,它具备过滤、状态检测、NAT、流量控制、智能防御等多种功能。这款防火墙将为校园网的安全体系建立起第一道安全的防线。但防火墙的设置只是校园网安全模型的第一步,该防火墙有着其不足之处,如它并不具备防范来自高层协议上的不安全因素、不具备入侵检测等功能,此智能防火墙的功能还需进一步优化。同时要完善校园网安全模型还需考虑其他安全策略,例如网络设备的软硬件、校园网用户的安全意识等都是不可缺少的考虑因素。 通过对本防火墙系统的测试及运行,本防火墙系统更适合华联学院校园网安全系统的应用。与内核防火墙相比,它具备界面直观、操作简单、功能齐全等特点,对整个校园网络安全起到了较好的防御作用。
[Abstract]:With the rapid development of Internet technology, campus network has become an important platform for information sharing, information exchange and publicity in and out of colleges and universities. However, the campus network not only brings all kinds of vitality to the information construction of colleges and universities, but also brings severe challenges to the traditional security system of the campus. In particular, with the rapid development of information technology in colleges and universities, a large number of information materials are stored in the network of colleges and universities. The teaching, scientific research, management and service of colleges and universities depend more and more on the campus network. Once the network security problems arise, Information will be lost or unable to circulate in time, or be tampered with, added, deleted, destroyed, stolen, which will bring irreparable huge losses to the school. If the security of campus network can not be guaranteed, it will inevitably become an obstacle of information construction in colleges and universities. Firewall plays a very good role in the security of campus network. It makes intruders have to pass through the firewall security line before they can contact the target computer. Therefore, a high-performance firewall on campus network security plays a vital role. In order to perfect the security defense system of campus network, this paper starts with the development of an intelligent firewall suitable for the security model of campus network of Hualian University, and establishes a multi-dimensional security model of campus network for Hualian College. This firewall uses packet filtering technology, is built on the FreeBSD platform of a IPFilter software firewall. Because the configuration of the IPFilter firewall in the FreeBSD kernel involves writing rules, it is difficult for the general administrator to understand, which may result in the administrator unable to configure correctly. This paper constructs a website based on PHP language, and implements the configuration of IPFilter firewall on this website. It has many functions, such as filtering, state checking, traffic control, intelligent defense and so on. The firewall will create the first line of security for the security system of the campus network. However, the setting of firewall is only the first step of the campus network security model. The firewall has its shortcomings, such as it does not have the function of preventing the unsafe factors from the high-level protocol, not having the function of intrusion detection, etc. The function of this intelligent firewall needs to be further optimized. At the same time, other security strategies should be considered in order to perfect the security model of campus network, such as the hardware and software of network equipment, the security consciousness of campus network users and so on. Through the test and operation of the firewall system, the firewall system is more suitable for the application of campus network security system of Hualian University. Compared with the kernel firewall, it has the features of intuitive interface, simple operation and complete functions, which plays a better defensive role in the security of the whole campus network.
【学位授予单位】:华南理工大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.08;TP393.18
本文编号:2261540
[Abstract]:With the rapid development of Internet technology, campus network has become an important platform for information sharing, information exchange and publicity in and out of colleges and universities. However, the campus network not only brings all kinds of vitality to the information construction of colleges and universities, but also brings severe challenges to the traditional security system of the campus. In particular, with the rapid development of information technology in colleges and universities, a large number of information materials are stored in the network of colleges and universities. The teaching, scientific research, management and service of colleges and universities depend more and more on the campus network. Once the network security problems arise, Information will be lost or unable to circulate in time, or be tampered with, added, deleted, destroyed, stolen, which will bring irreparable huge losses to the school. If the security of campus network can not be guaranteed, it will inevitably become an obstacle of information construction in colleges and universities. Firewall plays a very good role in the security of campus network. It makes intruders have to pass through the firewall security line before they can contact the target computer. Therefore, a high-performance firewall on campus network security plays a vital role. In order to perfect the security defense system of campus network, this paper starts with the development of an intelligent firewall suitable for the security model of campus network of Hualian University, and establishes a multi-dimensional security model of campus network for Hualian College. This firewall uses packet filtering technology, is built on the FreeBSD platform of a IPFilter software firewall. Because the configuration of the IPFilter firewall in the FreeBSD kernel involves writing rules, it is difficult for the general administrator to understand, which may result in the administrator unable to configure correctly. This paper constructs a website based on PHP language, and implements the configuration of IPFilter firewall on this website. It has many functions, such as filtering, state checking, traffic control, intelligent defense and so on. The firewall will create the first line of security for the security system of the campus network. However, the setting of firewall is only the first step of the campus network security model. The firewall has its shortcomings, such as it does not have the function of preventing the unsafe factors from the high-level protocol, not having the function of intrusion detection, etc. The function of this intelligent firewall needs to be further optimized. At the same time, other security strategies should be considered in order to perfect the security model of campus network, such as the hardware and software of network equipment, the security consciousness of campus network users and so on. Through the test and operation of the firewall system, the firewall system is more suitable for the application of campus network security system of Hualian University. Compared with the kernel firewall, it has the features of intuitive interface, simple operation and complete functions, which plays a better defensive role in the security of the whole campus network.
【学位授予单位】:华南理工大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.08;TP393.18
【参考文献】
相关期刊论文 前8条
1 马轶文;;电力信息网的安全体系建设[J];山西电力;2005年06期
2 张俊祥;;高校校园网络安全现状分析与解决策略[J];数字技术与应用;2011年09期
3 褚建立;马雪松;;基于七级防护安全模型的校园网病毒防护措施[J];网络安全技术与应用;2007年06期
4 孙晓乐;高东怀;靳豪杰;;多维校园网安全模型研究[J];现代电子技术;2011年21期
5 李勇,宋晓霞;一种基于分布式防火墙的校园网安全模型[J];雁北师范学院学报;2004年06期
6 田密;史维峰;张瑞;;利用防火墙和入侵检测构建校园网安全模型[J];延安大学学报(自然科学版);2008年04期
7 陆峰骅;;校园网安全与防范研究[J];科技资讯;2010年32期
8 丛蓉,王秀坤,刘云飞,周岩;一种基于多维分析的校园网安全模型[J];中国医学教育技术;2004年04期
本文编号:2261540
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/2261540.html
