Popis: |
The paper describes an HTTP-request filtering method at packet level by using post-analysis of the passed request to control access to a web-resource. Unlike methods using preliminary analysis of requests, in this method the request is analyzed not before it is sent to the Internet to the webserver on which the requested resource is placed, but after, at the time while the request over communication lines comes to the web-server, which generates a response, and the response message comes back to the filter. Depending on the check results the response received from the web-server by filter device is passed to the user or locked. The approach of such kind reduces the time to wait for the answer on request to the resource in comparison to methods that use preliminary analysis of the request before it is sent to web-server. |