logo SBA

ETD

Archivio digitale delle tesi discusse presso l’Università di Pisa

Tesi etd-04192013-162212


Tipo di tesi
Tesi di laurea specialistica
Autore
DIGNANI, ANDREA
URN
etd-04192013-162212
Titolo
Firewall at high speed for Unix systems
Dipartimento
INGEGNERIA DELL'INFORMAZIONE
Corso di studi
INGEGNERIA INFORMATICA
Relatori
relatore Prof. Rizzo, Luigi
relatore Prof. Lettieri, Giuseppe
Parole chiave
  • firewall
  • flood
  • ipfw
  • netmap
  • protection
  • synflood
Data inizio appello
09/05/2013
Consultabilità
Non consultabile
Data di rilascio
09/05/2053
Riassunto
In this work we modify IPFW, a firewall of the FreeBSD distribution, in order to protect an end host(s) from SYN floods. The two network tools used are: the firewall itself, an
application (that can run also in another machine relative to the one that
gives the service) that functions as an intermediary between the end host(s)
and the attacker intercepting and filtering all the traffic that pass between
them; a particular method called ’SYN Cookies’ that permits
to not save anything in memory for each incoming connection setup (TCP), avoiding
the memory exhaustion caused by the flood.
File