Linux·ÀÈëÇÖ snortµÄ°²×°ÓëÅäÖÃ

ÈëÇÖ¼ì²âϵͳ£¨IDS£©ÊǶԼÆËã»úºÍÍøÂçϵͳ×ÊÔ´ÉϵĶñÒâʹÓÃÐÐΪ½øÐÐʶ±ðºÍÏìÓ¦µÄ´¦Àíϵͳ£¬ËüÏñÀ״ﾯ½äÒ»Ñù£¬ÔÚ²»Ó°ÏìÍøÂçÐÔÄܵÄÇ°ÌáÏ£¬¶ÔÍøÂç½øÐо¯½ä¡¢¼ì²â£¬´Ó¼ÆËã»úÍøÂçµÄÈô¸É¹Ø¼üµãÊÕ¼¯ÐÅÏ¢£¬Í¨¹ý
 
·ÖÎöÕâЩÐÅÏ¢£¬²é¿´ÍøÂçÖÐÊÇ·ñÓÐÎ¥·´°²È«²ßÂÔµÄÐÐΪºÍÔâµ½¹¥»÷µÄ¼£Ï󣬴ӶøÀ©Õ¹ÁËϵͳ¹ÜÀíÔ±µÄ°²È«¹ÜÀíÄÜÁ¦£¬Ìá¸ßÁËÐÅÏ¢°²È«»ù´¡½á¹¹µÄÍêÕûÐÔ¡£Ò»°ãÀ´Ëµ£¬IDSÊÇ×÷Ϊ·À»ðǽµÄ²¹³ä£¬ËùÒÔIDSÒ»°ã´¦ÓÚ·À»ðǽ֮ºó£¬¿ÉÒÔ¶ÔÍøÂç»î¶¯½øÐÐʵʱ¼ì²â£¬²¢¸ù¾ÝÇé¿ö¼Ç¼ºÍ½ûÖ¹ÍøÂç»î¶¯¡£
ÈëÇÖ¼ì²âϵͳIDS¸ù¾Ý¹¤×÷µÄÖص㲻ͬ£¬¿É·ÖΪ»ùÓÚÖ÷»úµÄÈëÇÖ¼ì²âϵͳºÍ»ùÓÚÍøÂçµÄÈëÇÖ¼ì²âϵͳ¡£ÈëÇÖ¼ì²âϵͳ¹¹³ÉÒ»°ã·ÖΪ£¬Á½¸ö²¿·ÖÒ»¸ö²¿·ÖÊǼì²âµÄ²¿·Ö£¨Sensor£©£¬Ò»²¿·ÖÊÇ´¦Àí±¨¾¯½á¹ûµÄ¿ØÖÆ̨¡£²»Í¬µÄÈëÇÖ¼ì²âµÄ¹¹³ÉÒ²²»Ì«Ò»Ñù´óÖ¶¼¾ßÓпØÖÆ̨ºÍSensorÁ½¸ö»ù±¾²¿·Ö£¬»ùÓÚÖ÷»úµÄÈëÇÖ¼ì²â¶à°ëÔÚÖ÷»úÉÏ°²×°Ò»¸ö´úÀí³ÌÐòÀ´ÊÕ¼¯ÏµÍ³ÐÅÏ¢ÏòSensor»ã±¨¡£
ÈëÇÖ¼ì²âϵͳµÄ¼ì²âÐÅÏ¢À´Ô´¶¼ÊÇͨ¹ý×ÔÉíµÄ¼ì²â²¿·ÖSensor µÃµ½µÄ¡£
¡¡¡¡
»ùÓÚÍøÂçµÄÈëÇÖ¼ì²â£¬Ö÷ÒªÊÇͨ¹ý¶ÔÍøÂçÊý¾Ý°üµÄ½ØÈ¡·ÖÎö£¬À´²éÕÒ¾ßÓй¥»÷ÌØÐԺͲ»Á¼ÆóͼµÄÊý¾Ý°üµÄ¡£ÔÚÍøÂçÀï»ùÓÚÍøÂçµÄÈëÇÖ¼ì²âϵͳµÄ¼ì²â²¿·Ö Sensor Ò»°ã±»²¼ÖÃÔÚÒ»¸ö½»»»»úµÄ¾µÏó¶Ë¿Ú£¨»òÕßÒ»¸öÆÕͨµÄHUBÈÎÒâ¶Ë¿Ú£©£¬ÌýÈ¡Á÷¾­ÍøÂçµÄËùÓÐÊý¾Ý°ü£¬²éÕÒÆ¥ÅäµÄ°ü£¬À´µÃµ½ÈëÇÖµÄÐÅÏ¢Ô´¡£
¡¡¡¡
»ùÓÚÖ÷»úµÄÈëÇÖ¼ì²âϵͳµÄSensor ²»¿ÉÄÜÖ±½Ó´ÓϵͳÄÚ²¿»ñÈ¡ÐÅÏ¢µÄ£¬ËüÊÇҪͨ¹ýÒ»¸öÊÂÏÈ×öºÃµÄ´úÀí³ÌÐò£¬°²×°ÔÚÐèÒª¼ì²âµÄÖ÷»úÀïµÄ£¬ÕâЩ´úÀí³ÌÐòÖ÷ÒªÊÕ¼¯ÏµÍ³ºÍÍøÂçÈÕÖ¾Îļþ£¬Ä¿Â¼ºÍÎļþÖеIJ»ÆÚÍûµÄ¸Ä±ä£¬³ÌÐòÖ´ÐÐÖеIJ»ÆÚÍûÐÐΪ£¬ÎïÀíÐÎʽµÄÈëÇÖÐÅÏ¢¡£
»ùÓÚÍøÂçµÄÈëÇÖ¼ì²âϵͳµÄ¼ì²â¶ËSensorÒ»°ã±»²¼ÖÃÔÚÍøÂçµÄºËÐĽ»»»»ú£¬»òÕß²¿ÃŽ»»»µÄ½»»»»úµÄ¾µÏó¶Ë¿Ú£¨²ÉÈ¡°ÑSensor ·ÅÔÚºËÐĽ»»»»úÆ÷µÄ¾µÏñ¶Ë¿Ú»¹ÊDz¿ÃŽ»»»»úµÄ¾µÏñ¶Ë¿Ú£¬Ö÷ÒªÓÉÍøÂçµÄÁ÷Á¿ºÍ¿Í»§»úµÄÊýÁ¿£¬ÒÔ¼°ÈëÇÖ¼ì²âµÄ´¦ÀíÄÜÁ¦ºÍÍøÂç·¢Éú¹¥»÷µÄƵ·±³Ì¶ÈÀ´¶¨µÄ£©ÔÚÍø¹ÜµÄ»úÆ÷ÉÏ£¬°²×°ÉÏÈëÇÖ¼ì²âϵͳµÄ¿ØÖÆ̨£¬×ö±¨¾¯´¦Àí£¬ÔÚÖØÒªµÄ·þÎñÆ÷»òÕßÓбØÒªµÄ¿Í»§¶Ë°²×°´úÀí³ÌÐòÊÕ¼¯ÏµÍ³ºÍÍøÂçÈÕÖ¾µÈϵͳÐÅÏ¢£¬Ñ°ÕÒ¾ßÓй¥»÷ÌØÐÔµÄÊý¾Ý°ü¡£¼¼ÊõÈËÔ±¶ÔÀ´×ÔÖ÷»úµÄºÍÍøÂçµÄ¼ì²âÐÅÏ¢½øÐзÖÎöºÍ¼à¿Ø¡£
SnortÊÇÄ¿Ç°Ó¦ÓÃ×îΪ¹ã·ºµÄÒ»¸öIDS²úÆ·£¬Ëü±»¶¨Î»ÎªÒ»¸öÇáÁ¿¼¶µÄÈëÇÖ¼ì²âϵͳ£¬Ëü¾ßÓÐÒÔϼ¸¸öÌص㣺
£¨1£© ËüÊÇÒ»¸öÇáÁ¿¼¶µÄÍøÂçÈëÇÖ¼ì²âϵͳ£¬ËùνÇáÁ¿¼¶ÊÇÖ¸¸ÃÈí¼þÔÚÔËÐÐʱֻռÓü«ÉÙµ