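Abstract
Web servers often receive no effective protection from traditional defenses, which makes them the weakest point for security in the whole network environment. Attacks such as buffer overflows, SQL injection, script-based DDoS, hotlinking and cross-site attacks pose a great threat to the security and stability of Web servers, and effective means of defense and protection are currently lacking. This project first surveys the threats that Web servers currently face, then designs an intrusion prevention system against these threats, and implements protection of the IIS server on the Windows platform through ISAPI. In this intrusion prevention system, policies can be defined to inspect all access to the Web server, which effectively blocks malicious attacks and thereby protects the Web server. The system's policy engine can load and invoke policy scripts written in the Lua language, which makes policy scripts simpler to write.
Keywords: intrusion prevention; network security; ISAPI; Lua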
Design and Implementation of Web Intrusion Prevention System
Abstract
Web servers often cannot get effective protection from traditional defense mechanisms, which makes them the weakest area in the whole network. Attacks such as buffer overflow, SQL injection, script-based DDoS, resource theft (hotlinking) and cross-site attacks pose a great threat to the security and stability of Web servers, and effective means of defense and protection are lacking at present. This paper first introduces the different kinds of attack on a Web server, then designs an intrusion prevention system for the Web server and implements protection of the IIS server on the Windows platform through ISAPI. The intrusion prevention system can inspect all access to the Web server through policies and protect the Web server against malicious attacks. The security policy engine of the system can load and invoke policy scripts written in the Lua language, which makes policy scripts simpler to write.
Key words: Intrusion prevention; network security; ISAPI; Lua