《网络安全与防火墙 英文文献翻译》由会员分享,可在线阅读,更多相关《网络安全与防火墙 英文文献翻译(6页珍藏版)》请在金锄头文库上搜索。
1、Abstract:As the key facility that maintains the network security , firewalls take the purpose of establishing an obstacle between trust and trustless network, and put corresponding safety strategy into practice. In this paper , the computer network security and the techniques of firewalls were mainl
2、y discussed, the concept and classification of the firewalls were introduced. It also introduced three kinds of basic implement techniques of the firewalls: Packet filtering , Application Proxy and Monitor model in detail. Finally described the trend of development of the firewalls techniques in Int
3、ernet briefly.Key words: network security, firewalls, Packet filtering, monitor1. Introducti onNow with the computer network and e-commerce used widely, network security has become an important problem that we must consider and resolve. More and more professions. enterprises and individuals surfer f
4、rom the security problem in different degree. they are looking for the more reliable safety solution . In the defense system adopted by network security at present, the firewalls stand the very important position.As the key facility that maintains the network security. firewalls take the purpose of
5、establishing an obstacle between trust and trustless network, and put corresponding safety strategy into practice.All the firewalls have the function to filter the IP address. This task checks the IP packet, makes the decision whether to release or to abandon it according to the source address and d
6、estination address of the IP. Shown in Fig.I, there is a firewall between two network sections, an UNIX computer is on one side of the firewall, and the other side is a PC client. While the PC client asks a telnet request for the UNIX computer, the client procedure of telnet in the PC produces a TCP
7、 packet and passes the packet to the local protocol stack to prepare to send. The protocol stack fills it in one IP packet. then, sends it to UNIX computer through the path defined by the TCP/IP stack of PC. The IP packet cant reach the UNIX computer until it passes the firewall between thePC and th
8、e UNIX computer.Fig. I Ip Address FilteringThe application firewall is a very efficient means of network security on Internet, it is installed between the trust and trustless network, can isolate the connection between the trust and trustless network, and doesnt hamper peoples access to the trustles
9、s network at the same time. It can isolate the connection between the risk area (namely there may be a certain risk on Internet) and the safe area (LAN), and doesnt hamper peoples access to the risk area at the same time. Firewall can monitor the traffic flowing in and out from the network to finish
10、 the task seemingly impossible;it only allows the safe and checked information to enter into, and meanwhile resists on the data that may bring about the threat to enterprise. As the fault and defect of the security problem becomemore and more general, the invasion to the network not only comes from
11、the super attack means, but also may be from the lower-level mistakes or improper password selections on the configuration. So, the function of the firewalls is preventing the communication that not hoped and authorized passes in and out of the network protected. forcing the companies to strengthen
12、their own network security policy. The general firewalls can achieve the following purposes: First, restraining others from entering the inside network, filtering the unsafe service and illegal user; Second, preventing the invaders from closing to your defense installation; Third,limiting the user t
13、o access the special site; Fourth,providing convenience for monitoring the Internet security.2. The classification and implement technology of firewallsAn integrated firewalls system usually consists of screening router and proxy server. The screening router is a multi-port IP router. it check the e
14、ach coming IP packet according to the group regular to judge whether to transmit it. The screening router gets information from the packet. fot example the protocol number. the IP address and port number that receiving and sending massages. the flag of link even some other IP selections. filtering I
15、P packet. The proxy server are server process in the firewall. it can replace the network user to finish the specific TCP/IP function. A proxy server is naturally a gateway of application layer. a gateway of two networks joined specific network application. Users contact with proxy server by one of
16、the TCP/IP application such as Telnet or FTP. the proxy server ask the users for the name of the remote host. which users want to access. After the users have answered and offered the correct users identities and authentication information, the proxy server communicates the remote host, act as the relay between two communication sites. The whole course can be totally transparent to users.There are mainly three types in the firewalls: packet filtering. applicati
