Home

ROFL: Routing as the Firewall Layer

Hang Zhao; Chi-Kin Chau; Steven Michael Bellovin; Columbia University. Computer Science

Title:
ROFL: Routing as the Firewall Layer
Author(s):
Zhao, Hang; Chau, Chi-Kin; Bellovin, Steven Michael; Columbia University. Computer Science
Date:
Type:
Technical reports
Department:
Computer Science
Permanent URL:
Series:
Columbia University Computer Science Technical Reports
Part Number:
CUCS-026-08
Abstract:
We propose a firewall architecture that treats port numbers as part of the IP address. Hosts permit connectivity to a service by advertising the IPaddr:port/48 address; they block connectivity by ensuring that there is no route to it. This design, which is especially well-suited to MANETs, provides greater protection against insider attacks than do conventional firewalls, but drops unwanted traffic far earlier than distributed firewalls do.
Subject(s):
Computer science
Item views:
122
Metadata:
text | xml

In Partnership with the Center for Digital Research and Scholarship at Columbia University Libraries/Information Services | Terms of Use