Analysis of vulnerabilities in Internet firewalls

Get BibTex-formatted data

Author

Seny Kamara, Sonia Fahmy, Eugene Schultz, Florian Kerschbaum, Michael Frantzen

Entry type

article

Abstract

Firewalls protect a trusted network from an untrusted network by filtering traffic according to a specified security policy. A diverse set of firewalls is being used today. As it is infeasible to examine and test each firewall for all possible potential problems, a taxonomy is needed to understand firewall vulnerabilities in the context of firewall operations. This paper describes a novel methodology for analyzing vulnerabilities in Internet firewalls. A firewall vulnerability is defined as an error made during firewall design, implementation, or configuration, that can be exploited to attack the trusted network that the firewall is supposed to protect. We examine firewall internals, and cross-reference each firewall operation with causes and effects of weaknesses in that operation, analyzing twenty reported problems with available firewalls. The result of our analysis is a set of matrices that illustrate the distribution of firewall vulnerability causes and effects over firewall operations. These matrices are useful in avoiding and detecting unforeseen problems during both firewall implementation and firewall testing. Two case studies of Firewall-1 and Raptor illustrate our methodology.

Date

2003 – 04

URL

http://www.sciencedirect.com/s ... 247f516daaf710576dee95604

Journal

Computers & Security

Key alpha

Fahmy

Pages

214-232

Volume

Publication Date

2003-04-00

Copyright

2003

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Article{ Fahmy,
	title = "Analysis of vulnerabilities in Internet firewalls",
	author = "Seny  Kamara, Sonia Fahmy, Eugene Schultz, Florian Kerschbaum, Michael Frantzen",
	year = "2003",
	month = "04",
	journal = "Computers & Security",
	pages = "214-232",
	volume = "22",
	abstract = "Firewalls protect a trusted network from an untrusted network by filtering traffic according to a specified security policy. A diverse set of firewalls is being used today. As it is infeasible to examine and test each firewall for all possible potential problems, a taxonomy is needed to understand firewall vulnerabilities in the context of firewall operations. This paper describes a novel methodology for analyzing vulnerabilities in Internet firewalls. A firewall vulnerability is defined as an error made during firewall design, implementation, or configuration, that can be exploited to attack the trusted network that the firewall is supposed to protect. We examine firewall internals, and cross-reference each firewall operation with causes and effects of weaknesses in that operation, analyzing twenty reported problems with available firewalls. The result of our analysis is a set of matrices that illustrate the distribution of firewall vulnerability causes and effects over firewall operations. These matrices are useful in avoiding and detecting unforeseen problems during both firewall implementation and firewall testing. Two case studies of Firewall-1 and Raptor illustrate our methodology.",
	copyright = "2003",
	url = "http://www.sciencedirect.com/science?_ob=ArticleURL&_udi=B6V8G-48KVB77-C&_user=29441&_rdoc=1&_fmt=&_orig=search&_sort=d&view=c&_acct=C000003858&_version=1&_urlVersion=0&_userid=29441&md5=47e7f6b247f516daaf710576dee95604",
}