摘要 |
PURPOSE: A system for back-tracking a network invader and a method therefor are provided to back-track a source of an invader invading a system of a subscriber network in an ISP provider, thereby preventing accident recurrence and supplying a more reliable Internet service. CONSTITUTION: An input module inputs a tracked IP address, authentication information, and a back-tracking control command. A router control module(242) accesses a router receiving the tracked IP address, and sets ACL(Access Control List) and logging functions for monitoring inputted/outputted packets. When packet statistic information, an origination address, a receiving address, and packet length information are inputted from the router, a session checking module(265) searches a destination connection session having the same statistic information as a currently tracking connection session. A back tracking processing module(263) controls the router control module(242) and the session checking module(265) according to an inputted/outputted control command, finds out a previous path system when the destination connection session information is inputted, and controls the router control module(242) and the session checking module(265) for the previous path system. An output module outputs a tracking process state and a tracking result.
|