Firewall Wizards mailing list archives

RE: Sliding/Shifting/Morphing firewalls


From: "Stout, Bill" <StoutB () pioneer-standard com>
Date: Wed, 10 Feb 1999 15:36:38 -0500


At some gatherings, some folk have told me about firewalls which use
dynamically changing random port numbers.  I didn't find anything on this in
the search engines.  This makes the firewall/internal targets difficult to
hit.  

[...thinking...]  It reminds me of military spread-spectrum
frequency-hopping radio systems which make it difficult to find transmitting
sites; however, in the SSFH analogy, the radios 'danced' across the band
(port numbers) with each other.  Come to think of it, it wouldn't be
difficult to apply this technology to the Internet, where it may consist of
a RAIDset of firewalls which talk to another RAIDset of firewalls and
packets synchronously danced across IP addresses and port numbers [tm]...
Dibs!  If anyone makes any money with this idea, I get royalties!  ;^)

Bill Stout

----- Original Message -----

I assume you mean using random upper port numbers for source ports instead
of having the OS dish them out sequentially? If so it makes all forms of
attack that rely on source port spoofing that much more difficult to
implement.

Chris
-- 
**************************************
cbrenton () sover net
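
The synchronized hopping idea discussed above, as an added example that is not part of the original posts: two endpoints that share a secret derive the same port for each time slot from an HMAC, so the sequence looks random to anyone without the key. The key, slot length, port range and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Assumptions for this sketch (none of these values come from the thread):
SLOT_SECONDS = 30                    # how long each port stays in use
PORT_LOW, PORT_HIGH = 1024, 65535    # upper port range to hop across


def slot_for(timestamp: float, slot_seconds: int = SLOT_SECONDS) -> int:
    """Map a wall-clock time to a hop-slot counter shared by both ends."""
    return int(timestamp // slot_seconds)


def port_for_slot(key: bytes, slot: int) -> int:
    """Derive the port for one slot from HMAC-SHA256(key, slot)."""
    digest = hmac.new(key, struct.pack(">Q", slot), hashlib.sha256).digest()
    value = int.from_bytes(digest[:8], "big")
    span = PORT_HIGH - PORT_LOW + 1
    # Modulo bias is negligible when reducing a 64-bit value to ~64k ports.
    return PORT_LOW + value % span


def sender_port(key: bytes, timestamp: float) -> int:
    """Port the sending side uses at `timestamp`."""
    return port_for_slot(key, slot_for(timestamp))


def acceptable_ports(key: bytes, timestamp: float, skew_slots: int = 1) -> set:
    """Ports the receiver accepts, tolerating +/- skew_slots of clock drift."""
    now = slot_for(timestamp)
    return {port_for_slot(key, s)
            for s in range(now - skew_slots, now + skew_slots + 1)}


if __name__ == "__main__":
    key = b"constructed-demo-key"    # constructed sample secret
    t = 918_678_998.0                # constructed timestamp
    print("sender uses port", sender_port(key, t))
    # Receiver clock runs 35 s ahead, i.e. one slot off, and still matches.
    print("receiver accepts", sorted(acceptable_ports(key, t + 35)))
```

The hop schedule only hides where the service is listening; traffic arriving on the current port still has to be authenticated.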


