Presentation is loading. Please wait.

Presentation is loading. Please wait.

Georg-Christian Pranschke Supervisor: Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University AUTOMATED FIREWALL.

Published byCharleen Hoover Modified over 9 years ago

Similar presentations

Presentation on theme: "Georg-Christian Pranschke Supervisor: Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University AUTOMATED FIREWALL."— Presentation transcript:

1 Georg-Christian Pranschke Supervisor: Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University AUTOMATED FIREWALL RULE SET GENERATION THROUGH PASSIVE TRAFFIC INSPECTION

2 AUTOMATED FIREWALL RULE SET GENERATION Background WiresharkTcpdump / Windump ACM Classification System (1998) C.2.0. Security and Protection Introducing firewalls into existing networks is often problematic Production traffic cannot be interrupted Necessitates time consuming manual analysis of network traffic Ever increasing traffic volumes make manual analysis less feasible

3 AUTOMATED FIREWALL RULE SET GENERATION Traffic Analyser – Flow Creation

4 AUTOMATED FIREWALL RULE SET GENERATION High Level Design Overview – System Components

5 Pipeline: bpf -> sql -> scripts -> fwbuilder

6

7 Charybdis screencast Scylla screencast

8 AUTOMATED FIREWALL RULE SET GENERATION Results / Critical Evaluation Misconfigured firewall provides only the illusion of network security Imperfect information -> no proof of correctness “Dancing bears” HTTP universal firewall traversal protocol -> SQLi

9

10 AUTOMATED FIREWALL RULE SET GENERATION Questions ?

Download ppt "Georg-Christian Pranschke Supervisor: Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University AUTOMATED FIREWALL."

Similar presentations

NETWORKS By : Nicolas Pottier. Electronic security Establishing techniques that allow users to prove and protect their Identity from unauthorised personnel.

NETWORKS By : Nicolas Pottier. Electronic security Establishing techniques that allow users to prove and protect their Identity from unauthorised personnel.
Resonance: Dynamic Access Control in Enterprise Networks Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark School of Computer Science Georgia Institute.

Resonance: Dynamic Access Control in Enterprise Networks Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark School of Computer Science Georgia Institute.
Pie(s) in the Sky Mark Crovella Boston University Computer Science.

Pie(s) in the Sky Mark Crovella Boston University Computer Science.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.1 Firewalls.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.1 Firewalls.
Using TTCN-3 in Interoperability Testing for Real-time Communication Systems Zhiliang Wang, Jianping Wu, Xia Yin, Xingang Shi and Beihang Tian Department.

Using TTCN-3 in Interoperability Testing for Real-time Communication Systems Zhiliang Wang, Jianping Wu, Xia Yin, Xingang Shi and Beihang Tian Department.
Internet Security CS457 Seminar Zhao Cheng. Security attacks interruption, interception, modification, fabrication passive attack, active attack.

Internet Security CS457 Seminar Zhao Cheng. Security attacks interruption, interception, modification, fabrication passive attack, active attack.
Rhodes University - Department of Computer Science 1 Project Project: Re-establishing and improving the experimental VoIP link with the University of Namibia:

Rhodes University - Department of Computer Science 1 Project Project: Re-establishing and improving the experimental VoIP link with the University of Namibia:
Some general principles in computer security Tomasz Bilski Chair of Control, Robotics and Computer Science Poznań University.

Some general principles in computer security Tomasz Bilski Chair of Control, Robotics and Computer Science Poznań University.
CS682 Session 6 Prof. Katz. Firewalls An intelligent router? Used as a traffic control mechanism Based on information in the Layer 3 and 4 headers Administrator.

CS682 Session 6 Prof. Katz. Firewalls An intelligent router? Used as a traffic control mechanism Based on information in the Layer 3 and 4 headers Administrator.
Networking Components Manuel Palos. HUBS Hubs are inexpensive devices that connect multiple devices t0 a network. Hubs merely pass along network data.

Networking Components Manuel Palos. HUBS Hubs are inexpensive devices that connect multiple devices t0 a network. Hubs merely pass along network data.
Intrusion Prevention System Group 6 Mu-Hsin Wei Renaud Moussounda Group 6 Mu-Hsin Wei Renaud Moussounda.

Intrusion Prevention System Group 6 Mu-Hsin Wei Renaud Moussounda Group 6 Mu-Hsin Wei Renaud Moussounda.
1 Action Automated Security Breach Reporting and Corrections.

1 Action Automated Security Breach Reporting and Corrections.
Firewalls and the Campus Grid: an Overview Bruce Beckles University of Cambridge Computing Service.

Firewalls and the Campus Grid: an Overview Bruce Beckles University of Cambridge Computing Service.
Detection and Resolution of Anomalies in Firewall Policy Rules

Detection and Resolution of Anomalies in Firewall Policy Rules
SharePoint Farm On Azure IAAS Prepared By : Prakhar Rastogi Premier Field engineer Microsoft India.

SharePoint Farm On Azure IAAS Prepared By : Prakhar Rastogi Premier Field engineer Microsoft India.
A Brief Taxonomy of Firewalls

A Brief Taxonomy of Firewalls
Brad Baker CS526 May 7 th, 2008 5/7/2008 1. 1. Project goals 2. Test Environment 3. The Problem 4. Some Solutions 5. ModSecurity Overview 6. ModSecurity.

Brad Baker CS526 May 7 th, /7/ Project goals 2. Test Environment 3. The Problem 4. Some Solutions 5. ModSecurity Overview 6. ModSecurity.
Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.

Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.
Pushing the Security Boundaries of Ubiquitous Computing ACSF 2006 —————— 13 th July 2006 —————— David Llewellyn-Jones, Madjid Merabti, Qi Shi, Bob Askwith.

Pushing the Security Boundaries of Ubiquitous Computing ACSF 2006 —————— 13 th July 2006 —————— David Llewellyn-Jones, Madjid Merabti, Qi Shi, Bob Askwith.
1 Reasoning about Concurrency for Security Tunnels Alwyn E. Goodloe University of Pennsylvania Carl A. Gunter University of Illinois Urbana-Champaign.

1 Reasoning about Concurrency for Security Tunnels Alwyn E. Goodloe University of Pennsylvania Carl A. Gunter University of Illinois Urbana-Champaign.

Similar presentations

Ads by Google