Firewall Wizards mailing list archives
Re: Sliding/Shifting/Morphing firewalls
From: "Stephen P. Berry" <spb () meshuga incyte com>
Date: Wed, 10 Feb 1999 19:23:17 -0800
-----BEGIN PGP SIGNED MESSAGE----- Bill Stout <StoutB () pioneer-standard com>
[...thinking...] It reminds me of military spread-spectrum frequency-hopping radio systems which make it difficult to find transmitting sites, however in the SSFH analogy, the radios 'danced' across the band (port numbers) with each other. Come to think of it, It wouldn't be difficult to apply this technology to the Internet, where it may comprise of a RAIDset of firewalls which talk to another RAIDset of firewalls and packets synchronously danced across IP addresses and port numbers [tm]... Dibs! If anyone makes any money with this idea, I get royalties! ;^)
I've used similar techniques for concealing (or obfuscating, anyway) the movement of data from one place to another. I.e., when I want reasonably synchronous notification of some event from some sensor, but don't want to advertise the fact that the sensor is looking for events of that type. In such situations, generating some decoy traffic is generally useful. If you're interested in muddying the waters beyond the portdancing the RAID firewalls (firewobbles?) are doing, using some fraction of the free bandwidth between them for decoy traffic might be attractive---especially if you have any nagging concerns about that PRNG you've got picking your ports for you. Presumably your protocoal for all this would include some mechanism for negotiating the `what's and `where's for the decoy traffic---so you can distinguish between decoy traffic and spoofed traffic. - -Steve -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBNsJM9Crw2ePTkM9BAQHHAwP8D3fS19Tv3KDlSPXZ6bKxpEdcwxZfDZyl OHXo7o6DkjWLk7iwzbS4OJnXEbIE6EtmggjF6eQeeXjT7UUwBH48MOtPr1MlCPyn XRB+FrpLGMoSP1Bx8P9vAofFS56pEYqLksxWW3sgy7YQvcUjiHBURcOqATVPn6Gn gbd0if32+fo= =j9P3 -----END PGP SIGNATURE-----
Current thread:
- Sliding/Shifting/Morphing firewalls Stout, Bill (Feb 10)
- Re: Sliding/Shifting/Morphing firewalls Chris Cappuccio (Feb 10)
- Re: Sliding/Shifting/Morphing firewalls cbrenton (Feb 10)
- <Possible follow-ups>
- RE: Sliding/Shifting/Morphing firewalls Stout, Bill (Feb 10)
- Re: Sliding/Shifting/Morphing firewalls Stephen P. Berry (Feb 11)
- RE: Sliding/Shifting/Morphing firewalls Safier, Adam (GEIS) (Feb 11)
- RE: Sliding/Shifting/Morphing firewalls cbrenton (Feb 11)
- RE: Sliding/Shifting/Morphing firewalls Stout, Bill (Feb 11)
- RE: Sliding/Shifting/Morphing firewalls Stout, Bill (Feb 11)
- Re: Sliding/Shifting/Morphing firewalls Stephen P. Berry (Feb 11)
- Re: Sliding/Shifting/Morphing firewalls Joseph S D Yao (Feb 12)
- Re: Sliding/Shifting/Morphing firewalls Stephen P. Berry (Feb 11)
- Re: Sliding/Shifting/Morphing firewalls montenegro (Feb 11)
- RE: Sliding/Shifting/Morphing firewalls Safier, Adam (GEIS) (Feb 11)
- RE: Sliding/Shifting/Morphing firewalls ark (Feb 12)
- RE: Sliding/Shifting/Morphing firewalls Stout, Bill (Feb 12)