Upload File

georg-christian pranschke supervisor: barry irwin security and networks research group department of...

  • Home
  • Documents
  • Georg-Christian Pranschke Supervisor: Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University AUTOMATED FIREWALL
10
Georg-Christian Pranschke Supervisor: Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University AUTOMATED FIREWALL RULE SET GENERATION THROUGH PASSIVE TRAFFIC INSPECTION

Upload: charleen-hoover

Post on 28-Dec-2015

218 views

Category:

Documents


1 download

Report

Tags:

TRANSCRIPT

Page 1: Georg-Christian Pranschke Supervisor: Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University AUTOMATED FIREWALL

Georg-Christian Pranschke Supervisor: Barry Irwin

Security and Networks Research Group

Department of Computer Science

Rhodes University

AUTOMATED FIREWALL RULE SET GENERATION

THROUGH PASSIVE TRAFFIC INSPECTION

Page 2: Georg-Christian Pranschke Supervisor: Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University AUTOMATED FIREWALL

AU

TO

MA

TED

FIREW

ALL R

ULE

SET

GEN

ER

ATIO

NBackground

Wireshark Tcpdump / Windump

ACM Classification System (1998) C.2.0. Security and Protection

• Introducing firewalls into existing networks is often problematic

• Production traffic cannot be interrupted

• Necessitates time consuming manual analysis of network traffic

• Ever increasing traffic volumes make manual analysis less feasible

Page 3: Georg-Christian Pranschke Supervisor: Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University AUTOMATED FIREWALL

AU

TO

MA

TED

FIREW

ALL R

ULE

SET

GEN

ER

ATIO

NTraffic Analyser – Flow Creation

Page 4: Georg-Christian Pranschke Supervisor: Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University AUTOMATED FIREWALL

AU

TO

MA

TED

FIREW

ALL R

ULE

SET

GEN

ER

ATIO

NHigh Level Design Overview – System Components

Page 5: Georg-Christian Pranschke Supervisor: Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University AUTOMATED FIREWALL

Pipeline: bpf -> sql -> scripts -> fwbuilder

Page 6: Georg-Christian Pranschke Supervisor: Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University AUTOMATED FIREWALL
Page 7: Georg-Christian Pranschke Supervisor: Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University AUTOMATED FIREWALL

Charybdis screencast

Scylla screencast

Page 8: Georg-Christian Pranschke Supervisor: Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University AUTOMATED FIREWALL

AU

TO

MA

TED

FIREW

ALL R

ULE

SET

GEN

ER

ATIO

NResults / Critical Evaluation

• Misconfigured firewall provides only the illusion of network security

• Imperfect information -> no proof of correctness

• “Dancing bears”

• HTTP universal firewall traversal protocol -> SQLi

Page 9: Georg-Christian Pranschke Supervisor: Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University AUTOMATED FIREWALL
Page 10: Georg-Christian Pranschke Supervisor: Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University AUTOMATED FIREWALL

AU

TO

MA

TED

FIREW

ALL R

ULE

SET

GEN

ER

ATIO

NQuestions ?


Rhodes FOIA

P point rhodes

Zandra Rhodes

James Rhodes

RHODES TP FEB 2014 Digital - Rhodes Food Group | Food

Rhodes - kefitours.grkefitours.gr/pdf/KEFITOURS_Travel_Guides/EUROPE/... · Updated 15 July 2014 Photo: HBarrison Rhodes BruceHH Michael Cannon Photo: Forrestal_PL Rhodes, the pearl

Rhodes Greece

Rhodes Greece Lindos & Port of Rhodes - Manneli

Greeka guide to Rhodes - Icicte · 2010. 10. 19. · Rhodes p 2/14. Map of Rhodes Organize your trip to Rhodes. Greeka.com can also help you organize your entire holiday in Rhodes

1 Nephrology Department, General Hospital of Rhodes, Rhodes, Greece, 2 1 st Department of Internal Medicine, General Hospital of Rhodes, Rhodes, Greece

Pub47 Rhodes

Georg Simmel’in Din Teorisinin Temel Yaklaşımları GEORG

RHODES COLLEGE

Rhodes Solutions Ch3

( Prayer by Dr .Gary Rhodes ) · Gary Rhodes , Elliott Avenue Baptlst Church , Spr ing f ield , I kl (nots . Dr . Rhodes . DR . GARY RHODES : ( Prayer by Dr .Gary Rhodes ) PRESIDENT

Redesign rhodes

3.11 Harry Rhodes

Rhodes mobile Framework

Mythical Rhodes

RHODES UNIVERSITY

Rhodes Framework

Rhodes Hilton

s531520e81be20dd9.jimcontent.com · Bilder: Georg Eichenseer . Bilder: Georg Eichenseer . Bilder: Georg Eichenseer

EXM01 Rhodes

Ancient greece rhodes

Anne Rhodes virtualresume

Johann Georg Albrechtsberger (1736-1809) - BnF · Johann Georg Albrechtsberger (1987) Johann Georg Albrechtsberger als Kirchenkomponist (1927) Autour de Johann Georg Albrechtsberger

Fender Rhodes

Rhodes Island

Rhodes 1964

The Rhodes Scholarships Australia - QUT...Rhodes Scholar, Lauren Dancer Most recently, the 2018 Queensland Rhodes Scholar, Dr Beth Hamilton. Dr Beth Hamilton, 2018 Queensland Rhodes

The American Rhodes Scholar · 2020. 9. 22. · The American Rhodes Scholar. The American Rhodes Scholaris published by the Association of American Rhodes Scholars and is supported

The Rhodes Historical Review - Rhodes College | Become … · 2015-11-05 · the Department of History at Rhodes College publish The Rhodes Historical Review annually. ... The conquest

Operation Egg Drop Rhodes Science 8 Rhodes Science 8

Natura Rhodes