Greetings to everyone,

I am asking for advice on network intrusion detection. When we are going to write simple software for network intrusion detection in a gateway by checking the TCP packets' header, what fields and statistics must be memorized, such as source IP/port, destination IP/port, traffic ...., and why? And where can I find the materials quickly?