Technical reports:
ROFL: Routing as the Firewall Layer
Hang Zhao; Chi-Kin Chau; Steven Michael Bellovin
Downloads:
- Title:
- ROFL: Routing as the Firewall Layer
- Author(s):
-
Zhao, Hang
Chau, Chi-Kin
Bellovin, Steven Michael - Date:
- 2008
- Type:
- Technical reports
- Department:
- Computer Science
- Permanent URL:
- http://hdl.handle.net/10022/AC:P:9321
- Series:
- Columbia University Computer Science Technical Reports
- Part Number:
- CUCS-026-08
- Publisher:
- Department of Computer Science, Columbia University
- Publisher Location:
- New York
- Abstract:
- We propose a firewall architecture that treats port numbers as part of the IP address. Hosts permit connectivity to a service by advertising the IPaddr:port/48 address; they block connectivity by ensuring that there is no route to it. This design, which is especially well-suited to MANETs, provides greater protection against insider attacks than do conventional firewalls, but drops unwanted traffic far earlier than distributed firewalls do.
- Subject(s):
- Computer science
- Item views:
- 101