Analysis of ICMP policy for edge firewalls using active probing

Author

Hyeonwoo Kim ; Dongwoo Kwon ; Hongtaek Ju

Author_Institution

Dept. of Comput. Eng., Keimyung Univ., Daegu, South Korea

fYear

2014

fDate

17-19 Sept. 2014

Firstpage

1

Lastpage

4

Abstract

The method of inferring firewall policy, using Active Probing repeats the process of transmitting TCP/UDP/ICMP packets and receiving ICMP response packets. However, if ICMP response packets cannot be received normally, the accuracy of inferring the firewall policy decreases, and it is necessary to verify the feasibility in real conditions. In this paper, we collect Autonomous System (AS) information to investigate the tolerance of ICMP intended for all AS across the world in addition to DNS server information, which is operational within AS. We confirm whether ICMP response packets are received or not by transmitting probing packets to the DNS server. Finally, we propose the AS information that received ICMP packets as the result of the test.

Keywords

Internet; firewalls; transport protocols; DNS server information; ICMP policy; ICMP response packet; TCP/UDP/ICMP packets; active probing; autonomous system information; edge firewalls; firewall policy; probing packets; Educational institutions; Filtering; Firewalls (computing); IP networks; Internet; Protocols; Servers; Active Probing; Autonomous System; Edge Firewall; Firewall Policy; ICMP;

fLanguage

English

Publisher

ieee

Conference_Titel

Network Operations and Management Symposium (APNOMS), 2014 16th Asia-Pacific

Conference_Location

Hsinchu

Type

conf

DOI

10.1109/APNOMS.2014.6996591

Filename

6996591