You are here: silicon.com > Resources > White Papers > Security > Intrusion - Tampering > Firewalls

Firewalls White Papers

Firewall Policy Reconstruction by Active Probing: An Attacker's View

Tags:
firewalls

Overview Having a firewall policy that is correct and complete is crucial to the safety of the computer network. An adversary will benefit a lot from knowing the policy or its semantics. This paper shows how an attacker can reconstruct a firewall's policy by probing the firewall by sending tailored packets into a network and forming an idea of what the policy looks like. It presents two approaches of compiling this information into a policy that can be arbitrary close to the original one used in the deployed firewall. The first approach is based on region growing from single firewall response to sample packets. The other approach uses split-and-merge in order to divide the space of the firewall's rules and analyzes each independently.

Further White Paper Details
Publisher	DePaul University	File Format	PDF
Date Published	August 2006
Format	White Papers
Topics	Firewalls, Network Security, Security Tools

Did you find this white paper useful? 2 out of 3 users found this white paper useful

Balancing Security Against Productivity

Publisher:
Novell

Security: New strides in preventing intrusions.

Publisher:
IBM

Novell Zenworks Endpoint Security Management: Total Control from a Single Console

Publisher:
Novell

Secure Desktop On-Demand Webcast

Publisher:
Novell

Total Endpoint Protection: Lower Costs and Increase Compliance

Publisher:
McAfee

Tags:
firewalls

Housing benefit? Tailored high-tech office space comes to London

They point to its accessibility, its space, and the ability these days to turn the most barren of environments into the kind of buzzing spaces that allow the cross pollination of ideas start-ups thrive on.

Channel:
Comment & Analysis

Strangling the virus; the big number change, and big banker gains.

This has the very obvious effect of showing up viruses that are propagated by sending themselves to every entry in an address book. DERA's approach is perhaps the most simple imaginable - to request confirmation from a user before sending email...

Channel:
Comment & Analysis

Convergence: IPv6 migration - a necessary pain?

This authentication is particularly important to safeguard against spoofers who configure a host to generate packets with forged source address,” explains Jerome Law at Vanco. This is why Asian equipment vendors like Hitachi and NEC and governments...

Cracked: The Great Firewall of China

If an attacker generated 100 triggering packets per second, and each packet caused 20 minutes of disruption, 120,000 pairs of endpoints could be prevented from communicating at any one time. If an attacker had identified the machines used by...

Windows worm holes plugged

Three of the security holes could be exploited remotely by an anonymous attacker without the user having to take any action, such as clicking on a link. Microsoft said in its security bulletin, which it rates "critical": "An attacker who...

Microsoft warns of 'critical' Windows flaw

Microsoft said in the advisory: "An anonymous attacker could try to exploit the vulnerability by sending a specially crafted RPC packet to an affected system. The attacks happen by sending rigged data to the service, which by design is meant to...

Live Webcast: Telecoms 2.0 - Where is telecoms heading?

In this webcast, our panel of experts will review where we are with next generation telecoms in the UK, working through the concept of 'Telecoms 2.0': - Realising the potential of Next Generation Networks - why it isn't just about the technology? - What attributes should firms be looking for in their telco partner? - Is the relationship between telco provider and customer changing? - What things need to happen to make next generation services a reality? - You say you want the supplier to change. Do you want to change too? - What is Telecoms 2.0?

Publisher:
ZDNet UK

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

Firewalls White Papers

Firewall Policy Reconstruction by Active Probing: An Attacker's View

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific