TCP/IP illustrated (vol. 2): the implementation
TCP/IP illustrated (vol. 2): the implementation
Practical Unix and Internet security (2nd ed.)
Practical Unix and Internet security (2nd ed.)
Building Internet firewalls (2nd ed.)
Building Internet firewalls (2nd ed.)
Security problems in the TCP/IP protocol suite
ACM SIGCOMM Computer Communication Review
Protecting privacy with protocol stack virtualization
Proceedings of the 7th ACM workshop on Privacy in the electronic society
ROFL: routing as the firewall layer
Proceedings of the 2008 workshop on New security paradigms
Routing loop attacks using IPv6 tunnels
WOOT'09 Proceedings of the 3rd USENIX conference on Offensive technologies
Hi-index | 0.00 |
Traditionally, hosts have tended to assign relatively few network addresses to an interface for extended periods. Encouraged by the new abundance of addressing possibilities provided by IPv6, we propose a new method, called Transient Addressing for Related Processes (TARP), whereby hosts temporarily employ and subsequently discard IPv6 addresses in servicing a client host's network requests. The method provides certain security advantages and neatly finesses some well-known firewall problems caused by dynamic port negotiation used in a variety of application protocols. A prototype implementation exists as a small set of kame/BSD kernel enhancements and allows socket programmers and applications nearly transparent access to TARP addressing's advantages.