Sciweavers

ISSA
2004

Run-Time Protocol Conformance Verification In Firewalls

14 years 27 days ago
Run-Time Protocol Conformance Verification In Firewalls
Today, business continuity depends significantly on the continuous availability of information systems. It is well-known that such systems must be protected against intrusion and denial of service attacks. Historically, many of such attacks used ill-formed data-packets and/or protocol runs, which did not conform to the protocols' standards. Attackers exploited vulnerabilities of the protocols' implementations in the servers' operating systems: conformance with protocol standards was not tested properly. Prominent examples are: the ping of death, the land attack, the SYN flood attack. To protect information systems better, one should aim to recognize and block such attacks as early as possible, i.e. already in a firewall at a company network's border. We will discuss in this paper the design of a run-time protocol-verifier and data-packet sanity-checker we will use to complement the Intelligent Firewall, which is currently developed in the Janus project. The present...
Ulrich Ultes-Nitsche
Added 31 Oct 2010
Updated 31 Oct 2010
Type Conference
Year 2004
Where ISSA
Authors Ulrich Ultes-Nitsche
Comments (0)