David M. Martin Jr, Sivaramakrishnan Rajagopalan, and Aviel D. Rubin. Blocking java applets at the firewall. Symposium on Network and Distributed Systems Security (San Diego, CA, 10--11 February 1997.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....attacks, dropped packets, and crash attacks. Application proxies, particularly for e mail and web traffic, can be used as intermediaries between vulnerable LAN systems and particular application services. Some such proxies examine the corresponding dataflows to identify and block dangerous data [22, 35]. Each such proxy addresses a single protocol, introduces a central bottleneck, and sometimes creates a visibility problem by making all requests appear to come from a single system. Self securing NIs allow similar checking in a multi purpose, scanner constraining platform. A substantial body of ....

David M. Martin Jr, Sivaramakrishnan Rajagopalan, and Aviel D. Rubin. Blocking java applets at the firewall. Symposium on Network and Distributed Systems Security (San Diego, CA, 10--11 February 1997.

....as bu er space for the fragments. The rewall may also provide a proxy which understands the speci c requirements of an application. A web proxy, for instance, intercepts outbound requests for HTML documents and rewrites their responses to remove potentially dangerous Java applets or Javascript [26]. This is the most demanding task for a rewall, since the entire protocol stream must be reassembled in addition to the action of ltering the contents of that stream. Unfortunately, rewalls su er serious limitations. Inspecting all of the trac traversing a rewall may not be possible at the ....

....each other, so ltering may be unnecessary in this case. 14 7 Related Work Firewalls have been the subject of research for many years [11, 28] In that time, many problems with rewalls have been discovered as well [10, 42] E ective techniques for blocking Java applets are described by Martin [26], though the authors note that blocking Javascript is more dicult. Recent work has argued for a shift from rewalls to IPsec [31] However, Bellovin [6] notes that encryption and authentication, and thus, IPsec) do not prevent some attacks. As discussed previously, rewall management has become ....

David M. Martin Jr, Sivaramakrishnan Rajagopalan, and Aviel D. Rubin. Blocking java applets at the rewall. Symposium on Network and Distributed Systems Security (San Diego, CA, 10-11 February 1997.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC