Inter domain policy routing: overview of architecture and protocols
ACM SIGCOMM Computer Communication Review
Firewalls and Internet security: repelling the wily hacker
Firewalls and Internet security: repelling the wily hacker
Efficient Algorithms for Shortest Paths in Sparse Networks
Journal of the ACM (JACM)
Experience in black-box OSPF measurement
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
The stable paths problem and interdomain routing
IEEE/ACM Transactions on Networking (TON)
Controlling high bandwidth aggregates in the network
ACM SIGCOMM Computer Communication Review
The Design and Analysis of Computer Algorithms
The Design and Analysis of Computer Algorithms
Incorporation of service classes into a network architecture
SIGCOMM '81 Proceedings of the seventh symposium on Data communications
Firewalls and Internet Security: Repelling the Wily Hacker
Firewalls and Internet Security: Repelling the Wily Hacker
A Look Back at "Security Problems in the TCP/IP Protocol Suite"
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
An algebraic theory of dynamic network routing
IEEE/ACM Transactions on Networking (TON)
Policy-based routing with non-strict preferences
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
SANE: a protection architecture for enterprise networks
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
A Simple active attack against TCP
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
Ethane: taking control of the enterprise
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Secure Border Gateway Protocol (S-BGP)
IEEE Journal on Selected Areas in Communications
A Game-Theoretical Study of Robust Networked Systems
IEEE Journal on Selected Areas in Communications
Betweenness estimation in OLSR-based multi-hop networks for distributed filtering
Journal of Computer and System Sciences
Hi-index | 0.00 |
We propose a new firewall architecture that treats port numbers as part of the IP address. Hosts permit connectivity to a service by advertising the IPaddr:port/48 address; they block connectivity by ensuring that there is no route to it. This design, which is especially well-suited to MANETs, provides greater protection against insider attacks than do conventional firewalls, but drops unwanted traffic far earlier than distributed firewalls do.