Página 1 dos resultados de 273 itens digitais encontrados em 0.002 segundos

## Um sistema para análise ativa de comportamento de firewall.; A system for active analysis of firewall behavior.

Barbosa, Ákio Nogueira
Fonte: Biblioteca Digitais de Teses e Dissertações da USP Publicador: Biblioteca Digitais de Teses e Dissertações da USP
Tipo: Dissertação de Mestrado Formato: application/pdf
Relevância na Pesquisa
27.61%
Devido à importância dos firewalls para proteção de redes de computadores, muito se estuda no sentido do aprimoramento das técnicas de proteção e no desenvolvimento de novas técnicas para serem utilizadas na análise destes. Com enfoque neste tema, esta dissertação trata a respeito da viabilidade da técnica de injeção de pacotes e observação dos resultados para analisar o comportamento de firewalls de rede para a pilha TCP/IP, resultando em uma técnica alternativa para análise de firewalls. Para mostrar a validade da técnica foi proposta uma arquitetura e, como prova de conceito, foi implementado um protótipo do sistema de análise. Foram também efetuados alguns testes. A técnica de injeção de pacotes e observação dos resultados mostrou-se viável para algumas situações. Para outras, são necessárias estudos adicionais para redução da explosão combinatória.; Due to the importance of the firewalls for protection of network computers, a lot of studies has been done in order of the improvement of the protection techniques and in the development of new techniques to be used in the analysis of them. With focus in this theme, this thesis considers the viability of the technique of injection of packages and observation of the results to analyze the behavior of network firewalls for stack TCP/IP...

## Estudo sobre a extração de políticas de firewall e uma proposta de metodologia; A Study about firewall policy extraction and a proposal for a methodology

Horowitz, Eduardo
Tipo: Dissertação Formato: application/pdf
Português
Relevância na Pesquisa
37.98%

## Utilização do Snort para a avaliação da eficácia de firewalls

Tessaro, Ananias
Tipo: Trabalho de Conclusão de Curso Formato: application/pdf
Português
Relevância na Pesquisa
27.85%
A informação, independente do seu formato, é um dos maiores patrimônios de uma organização moderna, sendo vital para quaisquer níveis hierárquicos e dentro de qualquer instituição que deseja manter-se competitiva no mercado. Ciente dessa importância, este trabalho pretende focar na segurança da informação. Tecnologias como Firewall, antivírus e Sistemas de Detecção de Intrusão têm a finalidade de ajudar a proteger as empresas de ataques e vazamento de dados pela rede, funcionando, de certa forma, como um cão de guarda virtual que assiste a rede e hosts específicos em busca de comportamento suspeito. Dentre uma série de mecanismos relacionados à segurança das informações está o firewall que é responsável por filtrar a entrada e saída de pacotes das redes, peça fundamental que funciona como porta de entrada para muitos problemas. As câmeras de segurança vigiam quem entra e quem sai de um local. Por que não usar o mesmo artifício para verificar o que está entrando e saindo de uma rede com a finalidade de avaliar a segurança dessa e descobrir possíveis vulnerabilidades dos mecanismos que deveriam impedir esse acesso? A proposta desse trabalho foi fazer um estudo de conceitos básicos relacionados ao gerenciamento dos riscos relativos às falhas de dispositivos de segurança...

## Firewall Dinâmico: uma implementação cliente/servidor

Gonsales Panes, Guilherme
Tipo: Dissertação de Mestrado Formato: 71 f. : il.
Português
Relevância na Pesquisa
37.94%

## DroidGuardian : an application firewall for android OS-based devices

Gonçalo, Rui Miguel de Carvalho Videira
Relevância na Pesquisa
37.49%
Dissertação de Mestrado em Informática; Mobile devices running Android operating system are increasingly used to surf the web, and, generally speaking, to access a broad spectrum of network-based services. Its successful deployment as a mobile platform, however, also means it is an increasingly relevant target of malicious efforts that try to identify and exploit its vulnerabilities, and to gain access to valuable personal and organizational data. On the other hand, Android OS-based devices could be used as a valuable on-site security auditing tool, but lack a set of coherent and fully functional applications, specially developed for this inherently resource-constrained platform. The ultimate goal of this project is to start the development of a set of coherent and integrated tools that, ultimately, will enable Android OS-based devices to be used in network security auditing. These tools will include traffic filtering, network mapping, vulnerability assessment and intrusion detection. This project will also help identify and raise awareness to current network-based threats to Android OS-based devices.; Os dispositivos moveis que correm o sistema operativo Android s ´ ao bastante usados para navegar ˜ na Internet e para usufruir de uma vasta gama de servic¸os online. O seu enorme sucesso enquanto sistema para dispositivos moveis coloca-o num patamar de alto risco...

## Arquitetura de alta disponibilidade para Firewall e IPS baseada em SCTP

Lopes Filho, Edmo
Tipo: Dissertação
Português
Relevância na Pesquisa
27.61%

## Evaluation of Embedded Firewall System

Rumelioglu, Sertac.
Português
Relevância na Pesquisa
27.61%
The performance aspect and security capabilities of the Embedded Firewall (EFW) system are studied in this thesis. EFW is a host-based, centrally controlled firewall system consisting of network interface cards and the "Policy Server" software. A network consisting of EFW clients and a Policy Server is set up in the Advanced Network Laboratory at the Naval Postgraduate School. The Smartbits packet generator is used to simulate realistic data transfer environment. The evaluation is performed centered on two main categories: performance analysis and security capability tests. TTCP program and a script written in TCL are used to perform throughput and packet loss tests respectively. The penetration and vulnerability tests are conducted in order to analyze the security capabilities of EFW. Symantec Personal Firewall is used as a representative application firewall for comparing test results. Our study shows that EFW has better performance especially in connections with high amounts of encrypted packets and more effective in preventing insider attacks. However, current implementation of EFW has some weaknesses such as not allowing sophisticated rules that application firewalls usually do. We recommend that EFW be used as one of the protection mechanisms in a system based on the defense-in-depth concept that consists of application firewalls...

## Segurança em Bluetooth para Dispositivos Móveis

Alfaiate, João
Fonte: Instituto Politécnico da Guarda Publicador: Instituto Politécnico da Guarda
Português
Relevância na Pesquisa
27.49%

## Network security and the NPS Internet firewall; NA

Schively, Jody L.
Tipo: Tese de Doutorado Formato: 105 p.;28 cm.
Português
Relevância na Pesquisa
27.76%
As the Naval Postgraduate School's (NPS) computer network continues to incorporate computers with a wide variety of security holes, it is vital that an Internet firewall be installed to provide perimeter security for NPS from the Internet. NPS has had systems compromised by unauthorized individuals who have gained access via the Internet. The approach taken by this thesis was to analyze the type of Internet firewalls available and chose a design that provides the protection required at NPS while maintaining the Internet functionality desired. After choosing the appropriate type of firewall, it was tested for functionality and performance. The functionality test successfully validated that the bootp, netwall, tftp, sunrpc, and nfsd packets could he blocked while other network services remained functional. The performance testing process first monitored existing traffic to and from the BARRNET and DDN routers. The second step determined the firewall's performance with a well known network measurement tool, New Test TCP/IP (ntrcp). The existing data rates to and from the Intemet are on average 438 kilobjis per second and the nttcp tests showed that the firewall could run at 600 kilobits per second. These results validated that the firewall could maintain the data rates currently required to the Internet. This thesis resulted in a firewall...

## Implementação de um sistema seguro, robusto e redundante

Duarte, Fernando Tiago Lopes da Costa
Fonte: Instituto Politécnico do Porto. Instituto Superior de Engenharia do Porto Publicador: Instituto Politécnico do Porto. Instituto Superior de Engenharia do Porto
Relevância na Pesquisa
27.49%

## Metodologia para detecção de incoerências entre regras em filtros de pacotes; Methodology for incoherencies identification among packet filters rules

Favero, Andre Luis
Tipo: Dissertação Formato: application/pdf
Português
Relevância na Pesquisa
27.81%
Embora firewall seja um assunto bastante discutido na área de segurança da informação, existem lacunas em termos de verificação de firewalls. Verificações de firewalls têm o intuito de garantir a correta implementação dos mecanismos de filtragem e podem ser realizadas em diferentes níveis: sintaxe das regras; conformidade com a política; e relacionamento entre as regras. Os aspectos referentes a erros de sintaxe das regras são geralmente tratados pela ferramenta de filtragem em uso. O segundo nível, no entanto, depende da existência de uma política formal e documentada, algo não encontrado na maioria das organizações, e de uma metodologia eficaz que, através da entrada da política de segurança e do conjunto de regras de firewall implementado, possa comparálas e apontar as discrepâncias lógicas entre a especificação (política) e a implementação (regras). O último, verificação dos relacionamentos entre regras, não requer qualquer documentação, uma vez que somente o conjunto de regras do firewall é necessário para a identificação de incoerências entre elas.Baseado nessas considerações, este trabalho objetivou o estudo e a definição de uma metodologia para a análise de relacionamentos entre regras...

## Análisis de rendimiento (QOS) en tres arquitecturas de seguridad basadas en firewall

Álvarez Roa, Nury Julieth
Tipo: BachelorThesis; Trabajo de grado Formato: pdf
Português
Relevância na Pesquisa
27.69%

## FireViz : a personal firewall visualizing tool; FireViz : a personal network firewall visualizing tool

Sharma, Nidhi
Fonte: Massachusetts Institute of Technology Publicador: Massachusetts Institute of Technology
Tipo: Tese de Doutorado Formato: 95 p.; 4618721 bytes; 4622665 bytes; application/pdf; application/pdf
Português
Relevância na Pesquisa
27.61%
In this thesis, I present FireViz, a personal firewall visualizing tool. FireViz visually displays activities of a personal firewall in real time. The primary goal of FireViz is to educate typical computer users of the security threats their computers are exposed to when connected to a network and expose any potential loop holes in the firewall's security policies. To this end, FireViz presents a novel visualization paradigm that provides users with an informative yet non-intrusive interface to their network and firewall. FireViz achieves this by incorporating a peripheral mapping of the network on the user's screen and displaying network events along this periphery. Information about network events is encoded visually to help users develop a more intuitive model of the network at a low cost. The peripheral nature of FireViz along with the use of non-modal visual displays allows users to easily understand network events without obstructing their primary tasks. The visualization is also capable of highlighting exceptional events that may represent potential threats without relying on the end user to understand ally threat model. Thus, FireViz aims to provide users with a superior framework for understanding the network security model and achieving improved system security in the process.; by Nidhi Sharma.; Thesis (M. Eng.)--Massachusetts Institute of Technology...

## Large-scale Spatiotemporal Characterization of Inconsistencies in the World's Largest Firewall

Ensafi, Roya; Winter, Philipp; Mueen, Abdullah; Crandall, Jedidiah R.
Tipo: Artigo de Revista Científica
Relevância na Pesquisa
27.61%
A nation-scale firewall, colloquially referred to as the "Great Firewall of China," implements many different types of censorship and content filtering to control China's Internet traffic. Past work has shown that the firewall occasionally fails. In other words, sometimes clients in China are able to reach blacklisted servers outside of China. This phenomenon has not yet been characterized because it is infeasible to find a large and geographically diverse set of clients in China from which to test connectivity. In this paper, we overcome this challenge by using hybrid idle scan techniques that are able to measure connectivity between a remote client and an arbitrary server, neither of which are under the control of the researcher performing measurements. In addition to hybrid idle scans, we present and employ a novel side channel in the Linux kernel's SYN backlog. We demonstrate both techniques by measuring the reachability of the Tor network which is known to be blocked in China. Our measurements reveal that 1) failures in the firewall occur throughout the entire country without any conspicuous geographical patterns, 2) a network block in China appears to have unfiltered access to parts of the Tor network, and 3) the filtering seems to be mostly centralized at the level of Internet exchange points. Our work also answers many other open questions about the Great Firewall's architecture and implementation.

## Is the firewall consistent?: Gedanken experiments on black hole complementarity and firewall proposal

Hwang, Dong-il; Lee, Bum-Hoon; Yeom, Dong-han
Tipo: Artigo de Revista Científica
Português
Relevância na Pesquisa
27.85%
In this paper, we discuss the black hole complementarity and the firewall proposal at length. Black hole complementarity is inevitable if we assume the following five things: unitarity, entropy-area formula, existence of an information observer, semi-classical quantum field theory for an asymptotic observer, and the general relativity for an in-falling observer. However, large N rescaling and the AMPS argument show that black hole complementarity is inconsistent. To salvage the basic philosophy of the black hole complementarity, AMPS introduced a firewall around the horizon. According to large N rescaling, the firewall should be located close to the apparent horizon. We investigate the consistency of the firewall with the two critical conditions: the firewall should be near the time-like apparent horizon and it should not affect the future infinity. Concerning this, we have introduced a gravitational collapse with a false vacuum lump which can generate a spacetime structure with disconnected apparent horizons. This reveals a situation that there is a firewall outside of the event horizon, while the apparent horizon is absent. Therefore, the firewall, if it exists, not only does modify the general relativity for an in-falling observer...

## Architecture Of A Identity Based Firewall System

Tipo: Artigo de Revista Científica
Relevância na Pesquisa
27.69%
Classic firewall systems are built to filter traffic based on IP addresses, source and destination ports and protocol types. The modern networks have grown to a level where the possibility for users' mobility is a must. In such networks, modern firewalls may introduce such complexity where administration can become very frustrating since it needs the intervention of a firewall administrator. The solution for this problem is an identity based firewall system. In this paper we will present a new design of a firewall system that uses the user's identity to filter the traffic. In the design phase we will define key points which have to be satisfied as a crucial milestone for the functioning of the whole Identity based firewall system.; Comment: 9 pages, 3 figures, 1 table; (ISSN: 0975- 2307); International Journal of Network Security & Its Applications July 2011, Volume 3, Number 4

## Mass of a Black Hole Firewall

Abramowicz, M. A.; Kluźniak, W.; Lasota, J. -P.
Tipo: Artigo de Revista Científica
Português
Relevância na Pesquisa
27.61%
Quantum entanglement of Hawking radiation has been supposed to give rise to a Planck density "firewall" near the event horizon of old black holes. We show that Planck density firewalls are excluded by Einstein's equations for black holes of mass exceeding the Planck mass. We find an upper limit of $1/(8\pi M)$ to the surface density of a firewall in a Schwarzschild black hole of mass $M$, translating for astrophysical black holes into a firewall density smaller than Planck density by more than 30 orders of magnitude. A strict upper limit on the firewall density is given by the Planck density times the ratio $M_{\rm Pl}/(8\pi M)$.; Comment: 6 pages, version published in Phys. Rev. Lett

## Applying static code analysis to firewall policies for the purpose of anomaly detection

Tipo: Artigo de Revista Científica
Relevância na Pesquisa
27.81%
Treating modern firewall policy languages as imperative, special purpose programming languages, in this article we will try to apply static code analysis techniques for the purpose of anomaly detection. We will first abstract a policy in common firewall policy language into an intermediate language, and then we will try to apply anomaly detection algorithms to it. The contributions made by this work are: 1. An analysis of various control flow instructions in popular firewall policy languages 2. Introduction of an intermediate firewall policy language, with emphasis on control flow constructs. 3. Application of \textit{Static Code Analysis} to detect anomalies in firewall policy, expressed in intermediate firewall policy language. 4. Sample implementation of \textit{Static Code Analysis} of firewall policies, expressed in our abstract language using Datalog language.

## Firewall strategies using network processors

Mariani, Matthew
Fonte: Rochester Instituto de Tecnologia Publicador: Rochester Instituto de Tecnologia
Português
Relevância na Pesquisa
37.89%
The emergence of network processors provides a broad range of new applications, particularly in the field of network security. Firewalls have become one of the basic building blocks of implementing a network's security policy; however, the security of a firewall can potentially lead to a bottleneck in the network. Therefore, improving the performance of the firewall means also improving the performance of the protected network. With the ability to direcdy monitor and modify packet information at wire speeds, the network processor provides a new avenue for the pursuit of faster, more efficient firewall products. This paper describes the implementation of two simulated network processor based firewalls. The first architecture, a basic packet filtering firewall, utilizes tree-based structures for manipulating IP and transport level firewall rules while also utilizing parallelism available in the network processor during firewall rule look-ups. In the second architecture, a parallel firewall is created using a network processor based, load-balancing switch along with two network processor based firewall machines, both utilizing the basic packet filter operations of the first architecture. When added to existing routing software, these implementations demonstrate the feasibility of creating dynamic packet-filtering routers using network processor technology.

## Analysis of firewall log-based detection scenarios for evidence in digital forensics

Mukhtar, R; Al-Nemrat, A; Alazab, Mamoun; Venkatraman, S; Jahankhani, H
Fonte: Inderscience Publishers Publicador: Inderscience Publishers
Tipo: Artigo de Revista Científica
Português
Relevância na Pesquisa
27.61%
With the recent escalating rise in cybercrime, firewall logs have attained much research focus in assessing their capability to serve as excellent evidence in digital forensics. Even though the main aim of firewalls is to screen or filter part or all network traffic, firewall logs could provide rich traffic information that could be used as evidence to prove or disprove the occurrence of online attack events for legal purposes. Since courts have a definition of what could be presented to it as evidence, this research investigates on the determinants for the acceptability of firewall logs as suitable evidence. Two commonly used determinants are tested using three different firewall-protected network scenarios. These determinants are: 1 admissibility that requires the evidence to satisfy certain legal requirements stipulated by the courts 2 weight that represents the sufficiency and extent to which the evidence convinces the establishment of cybercrime attack.