Home

ROFL: Routing as the Firewall Layer

Hang Zhao; Chi-Kin Chau; Steven Michael Bellovin

Title:
ROFL: Routing as the Firewall Layer
Author(s):
Zhao, Hang
Chau, Chi-Kin
Bellovin, Steven Michael
Date:
Type:
Technical reports
Department:
Computer Science
Permanent URL:
Series:
Columbia University Computer Science Technical Reports
Part Number:
CUCS-026-08
Abstract:
We propose a firewall architecture that treats port numbers as part of the IP address. Hosts permit connectivity to a service by advertising the IPaddr:port/48 address; they block connectivity by ensuring that there is no route to it. This design, which is especially well-suited to MANETs, provides greater protection against insider attacks than do conventional firewalls, but drops unwanted traffic far earlier than distributed firewalls do.
Subject(s):
Computer science
Item views:
130
Metadata:
text | xml

In Partnership with the Center for Digital Research and Scholarship at Columbia University Libraries/Information Services | Terms of Use