ETD system

Electronic theses and dissertations repository

 

Tesi etd-04192013-162212


Thesis type
Tesi di laurea specialistica
Author
DIGNANI, ANDREA
URN
etd-04192013-162212
Title
Firewall at high speed for Unix systems
Struttura
INGEGNERIA DELL'INFORMAZIONE
Corso di studi
INGEGNERIA INFORMATICA
Supervisors
relatore Prof. Rizzo, Luigi
relatore Prof. Lettieri, Giuseppe
Parole chiave
  • synflood
  • protection
  • flood
  • ipfw
  • netmap
  • firewall
Data inizio appello
09/05/2013;
Consultabilità
Parziale
Data di rilascio
09/05/2053
Riassunto analitico
In this work we modify IPFW, a firewall of the FreeBSD distribution, in order to protect an end host(s) from SYN floods. The two network tools used are: the firewall itself, an
application (that can run also in another machine relative to the one that
gives the service) that functions as an intermediary between the end host(s)
and the attacker intercepting and filtering all the traffic that pass between
them; a particular method called ’SYN Cookies’ that permits
to not save anything in memory for each incoming connection setup (TCP), avoiding
the memory exhaustion caused by the flood.
File