With the growing of Internet and the well developed high speed network, a lot of malicious software, such as computer viruses or worms, spread over network. In campus network environment, the viruses spread rapidly because the density of computers is so high and the speed of local area network is so fast. The rapid spread viruses cause the heavy loading of servers and network devices. Furtheffi1ore, the network services might be interrupted or even down. Understanding the concepts of the network operation and the attacking techniques of viruses, we take the advantages of open source UNIX systems such as FreeBSD and Linux to establish a network protection system providing distributed abnormal traffic detection and a centralized policy enforcement mechanism. With the information of users and their MAC addresses, the system can notify the users generating abnormal traffic automatically and take proper actions to protect campus network immediately.