Firewalls are now an integral part of network security and a variety of architectures have been developed. These architectures, however, are normally static and offer little opportunity to adapt to common attacks or to take account of past behaviour. To date, development in modifiable firewall configurations has been very limited. We propose an extension to the semantics of stateful packet filtering systems that would allow data to be recalled, used and shared amongst packet filtering rules and applications. This new concept of rule adaptation permits management beyond connection tracking, incorporating the overall system state as well as the effects of multiple connections.
展开▼
