ETD system

Electronic theses and dissertations repository

 

Tesi etd-04192013-162212


Thesis type
Tesi di laurea specialistica
Author
DIGNANI, ANDREA
URN
etd-04192013-162212
Title
Firewall at high speed for Unix systems
Struttura
INGEGNERIA DELL'INFORMAZIONE
Corso di studi
INGEGNERIA INFORMATICA
Commissione
relatore Prof. Rizzo, Luigi
relatore Prof. Lettieri, Giuseppe
Parole chiave
  • synflood
  • protection
  • flood
  • ipfw
  • netmap
  • firewall
Data inizio appello
09/05/2013;
Consultabilità
parziale
Data di rilascio
09/05/2053
Riassunto analitico
In this work we modify IPFW, a firewall of the FreeBSD distribution, in order to protect an end host(s) from SYN floods. The two network tools used are: the firewall itself, an<br>application (that can run also in another machine relative to the one that<br>gives the service) that functions as an intermediary between the end host(s)<br>and the attacker intercepting and filtering all the traffic that pass between<br>them; a particular method called ’SYN Cookies’ that permits<br>to not save anything in memory for each incoming connection setup (TCP), avoiding<br>the memory exhaustion caused by the flood.<br>
File