A Methodology for Packet Filter Verification (Uma Metodologia para Verificação de Filtros de Pacotes)

  • André Luís Fávero UFRGS
  • Raul Fernando Weber UFRGS

Abstract


This paper describes a methodology for coherence verification in packet filters. For this purpose, each pair of filtering rules is compared, looking for errors, partial or total redundancy, or situations that should be further analyzed (warnings). The proposed methodology can be applied not only to a single filter but also to hierarchically distributed filters. Both stateless and stateful filters are considered in the verification process.

Published
2005-09-26
FÁVERO, André Luís; WEBER, Raul Fernando. Uma Metodologia para Verificação de Filtros de Pacotes. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 5., 2005, Florianópolis. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2005. p. 351-354. DOI: https://doi.org/10.5753/sbseg.2005.21556.
