Re: Firewall Science Project

[apotter () icsa net]

Greetings:

KSullivan () tmlp com said:

> I am looking into doing my science project on
> firewall's this year. I was wondering if anyone else has seen a
> project done on this or if they could suggest some ideas for
> experiments.

Sounds like an interesting project.

Were I you, I start by looking at the three basic approaches (for the purpose 
of this discussion: packet filter, stateful packet filter, proxy), comparing 
and contrasting the strengths and weaknesses.

Since there is at least one example of each available in source form for Linux 
(and probably for other platforms as well), you should be able to go as deep 
as you wish.

Take a look at:

PF:     Linux Kernel (ip_firewalling, IP_chains)
SPF:    SINUS Firewall www.ifi.unizh.ch/groups/ikm/SINUS/firewall.html
Proxy:  TIS Firewall Toolkit

The SINUS stuff is a little hard to find, and seems not to not have been 
updated lately, but is interesting.  The rest should be easy to find on the 
web.



[Note to List_Denizens: I know this is a gross simplification, and it is NOT 
intended to be authoritative or all-inclusive.  It should help the gentleman 
get started, however.

Flames > /dev/null ]



AL
-- 
+--------------------------------------------------------------------+
| Al Potter                          Senior Network Security Analyst |
| apotter at-yay icsa ot-day net                           ICSA Labs |
|                                                http://www.icsa.net |
| If the spambots learn piglatin........                             |
+--------------------------------------------------------------------+