Discovering last-matching rules in popular open-source and commercial firewalls. (12th April 2010)
- Record Type:
- Journal Article
- Title:
- Discovering last-matching rules in popular open-source and commercial firewalls. (12th April 2010)
- Main Title:
- Discovering last-matching rules in popular open-source and commercial firewalls
- Authors:
- Salah, K.
Sattar, K.
Baig, Z.A.
Sqalli, M.H.
, P. Calyam - Abstract:
- Denial of service (DoS) attacks pose a major threat to the smooth operations of critical network resources. Network firewalls act as the first line of defence against unwanted and malicious traffic. Firewalls themselves can become target of DoS attacks. In a prior work (Salah et al., 2009), we studied the resiliency and robustness of open-source network firewalls against the remote discovery of the last-matching rules. If last-matching rules are discovered, an attacker can launch an effective and slow-rate DoS attack which can bring down the firewall to its knees. In this paper, we examine and compare the resiliency of five of the most popular network firewalls, considering both open-source and commercial ones; namely, Linux NetFilter, Linux IPSets and FreeBSD ipfw, Cisco PIX and Cisco ASA. Our results show significant variations in the resiliency of these five firewall technologies, with Cisco ASA being the most resilient and Cisco PIX being the most vulnerable.
- Is Part Of:
- International journal of internet protocol technology. Volume 5:Number 1/2(2010)
- Journal:
- International journal of internet protocol technology
- Issue:
- Volume 5:Number 1/2(2010)
- Issue Display:
- Volume 5, Issue 1/2 (2010)
- Year:
- 2010
- Volume:
- 5
- Issue:
- 1/2
- Issue Sort Value:
- 2010-0005-NaN-0000
- Page Start:
- 23
- Page End:
- 31
- Publication Date:
- 2010-04-12
- Subjects:
- network security -- firewalls -- DoS attacks -- denial of service -- open source firewalls -- last-matching rules -- commercial firewalls -- resiliency
File Transfer Protocol (Computer network protocol) -- Periodicals
Multicasting (Computer networks) -- Periodicals
004.678 - Journal URLs:
- http://www.inderscience.com/jhome.php?jcode=ijipt ↗
http://www.inderscience.com/ ↗ - Languages:
- English
- ISSNs:
- 1743-8209
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 8707.xml