检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]清华大学网络中心,北京100084
出 处:《计算机工程与应用》2006年第8期110-113,共4页Computer Engineering and Applications
摘 要:Internet蠕虫爆发后,在大规模网络中,由于易感主机和被感染主机数量很多,构成了良好的蠕虫生存环境。实践证明常用的路由封堵、控制策略只在蠕虫爆发初期有效,在长时间的封堵后,网络中仍然存在大量被感染主机,这些主机不停活动,攻击其它易感主机。文章提出利用DNS服务疏导被感染主机访问告警服务器的方法,及时通知被感染主机的使用者对本机采取相应处理措施,从而达到在网管人员和用户共同配合下迅速消灭蠕虫的效果。该文详细给出了利用DNS服务针对网络中被感染主机进行疏导的系统设计与实现。通过对清华大学校园网实施后的数据统计分析,证明这种方法是快速有效的。In large scale network,a mass of susceptible machines and infected machines form a prefect environment for Internet worm living.Setting ACL on router only works at the beginning of worm broken out to steady situation,but there are still lots of infected machines in network after that.It would be a long term if network operators passively wait for each user to eliminate worm from his infected machine by hlmself.in this paper,it is discussed that taking advantage of DNS hijacking lead user's traffic to a warning machine so that user can be informed there are some thing wrong with his machine and know how to deal with the problems.The concrete DNS-hijacking-containing project was implemented in Tsinghua University and the statistics of data shows that Internet worms are cleared up very quickly in a large scale network as Tsinghua University.
关 键 词:INTERNET蠕虫 蠕虫防治 DNS劫持 网络安全
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.222