检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:辜苛峻 张连成[1,2] 郭毅 孔亚洲[1,2] 王振兴 Gu Kejun;Zhang Liancheng;Guo Yi;Kong Yazhou;Wang Zhenxing(Information Engineering University, Zhengzhou 450001, China;State Key Laboratory of Mathematical Engineering & Advanced Computing, Zhengzhou 450001, China)
机构地区:[1]信息工程大学,郑州450001 [2]数学工程与先进计算国家重点实验室,郑州450001
出 处:《计算机应用研究》2019年第7期2154-2158,共5页Application Research of Computers
基 金:国家自然科学基金资助项目(61402526,61402525)
摘 要:为测试IPv6防火墙对潜在IPv6网络威胁的防护能力,研究了IPv6防火墙防护能力评测方法。通过对IPv6协议的研究,构造了针对ICMPv6、单一扩展报头、多扩展报头、分片、地址范围的五类存在安全隐患的测试数据包,构建了C/S架构的防火墙测试框架;基于框架和测试数据包构建了用于各类测试的独立测试模块,搭建了可用于测试有状态防火墙的测试环境,并提供了相应的测试方法。利用所提出的方法,对思科ASA5505防火墙进行了测试,发现了它的一些优点与不足。In order to test the defensive capability of IPv6 firewall to against potential IPv6 network threats, this paper studied IPv6 firewall defensive capability testing technology. Through the research of IPv6 protocol, this paper constructed five kinds of test packets with security risks, such as ICMPv6, single extended header, multi-extension header, fragmentation and address scopes, and proposed a firewall testing framework with C/S architecture. It built independent test modules for every kind of testing based on the framework and test packets, set up test environments that could be used to test stateful firewalls, and provided appropriate test methods. Using the method, this paper tested a Cisco ASA5505 firewall and found its advantages and disadvantages.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.229