A quantitative study of firewall configuration errors

被引：170

作者：

Wool, A ^{[1
]}

机构：

[1] Tel Aviv Univ, Sch Elect Engn, IL-69978 Tel Aviv, Israel

来源：

COMPUTER | 2004年 / 37卷 / 06期

关键词：

D O I：

10.1109/MC.2004.2

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

The protection that firewalls provide is only as good as the policy they are configured to implement. Analysis of real configuration data shows that corporate firewalls are often enforcing rule sets that violate well-established security guidelines.

引用

页码：62 / 67

页数：6

共 10 条

[1]

*CERT COORD CTR, 2003, CERT ADV CA 2003 20

[2]

Chapman D., 1995, Building internet firewalls

[3]

Cheswick WilliamR., 1994, FIREWALLS INTERNET S

[4] Fang: A firewall analysis engine [J].

Mayer, A ;

Wool, A ;

Ziskind, E .

2000 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS, 2000, :177-187

[5]

Moore David, 2003, SPREAD SAPPHIRE SLAM

[6]

Rubin A. D., 1997, WEB SECURITY SOURCEB

[7]

*SANS I, 2003, 20 MOST CRIT INT SEC

[8]

Wool A, 2001, USENIX ASSOCIATION PROCEEDINGS OF THE 10TH USENIX SECURITY SYMPOSIUM, P85

[9]

WOOL A, 2001, 15 LARG INST SYST AD

[10]

WOOL A, 2004, IN PRESS COMPUTERS S

← 1 →