【摘要】 Windows平台Snort入侵检测系统包括:Winpcap(抓包库),Snort(入侵探测器),Mysql(基于SQL数据库服务器),IIS,ACID(基于Web入侵事件数据库分析控制台)。Snort对数据包进行规则匹配并检测入侵行为和探测活动,IIS为ACID提供网络服务,ACID查看分析Mysql数据库数据,生成网络入侵事件报告图表。更多还原

【Abstract】 Intrusion detection system based on Snort and Windows includes Winpcap (A packet filter), Snort (A lightweight network intrusion detection system), Mysql (A database sever based on SQL), IIS, ACID (Analysis Console for Intrusion Databases using a web browser). The data packet was matched by Snort through rules and intrusion and detection action was detected by Snort. The network serve was supplied by IIS for ACID, and the data of MySQL database were viewed analyzed by ACID to create the report diagrams for detection events of network.更多还原