Exploring the use of Iptables as an Application Layer Firewall

PDF / 1,087,462 Bytes
9 Pages / 595.276 x 790.866 pts Page_size
65 Downloads / 258 Views

ORIGINAL CONTRIBUTION

Exploring the use of Iptables as an Application Layer Firewall Nikita Gandotra1

•

Lalit Sen Sharma1

Received: 9 October 2019 / Accepted: 2 October 2020 The Institution of Engineers (India) 2020

Abstract Application layer attacks pose as a grievous threat to the valuable information stored at Web servers for its illegitimate access. These attacks exploit certain protocols being used by an application of the targeted server, and at network level, these can only be intercepted by reading the contents of the packets before they reach the victim machine. This paper explores the use of Iptables for mitigating such application layer attacks, namely SQL injection, Cross-Site Scripting (XSS), HTTP Flood, FTP Flood and FTP Bounce attacks. The signature keywords used for articulating these attacks were first identified, and then, the new customized Iptables rules were laid for detection and mitigation of these attacks. The Iptables rules were tested on an experimental setup in a real network, and it was found that these rules could successfully detect the attack with the system performance degradation of only about 1% and therefore are easy to implement for configuring a lightweight security solution for application servers. Keywords Linux firewall Iptables SQL Injection XSS HTTP Flood, FTP flood FTP Bounce

Introduction Application layer attacks are serious threats to information security and services provided by the Web servers connected to the Internet. The servers are continuously being & Nikita Gandotra [email protected] Lalit Sen Sharma [email protected] 1

Department of Computer Science and IT, University of Jammu, Jammu, India

targeted by intruders by exploiting certain application layer protocols for breaching the security of valuable information and thereby making it vulnerable to illegitimate access. These attacks are harder to identify and mitigate at network level and can only be intercepted by reading the contents of the packets before they reach the victim machine. In order to provide protection to the servers, firewalls are usually deployed as these form the first line of defense without restricting the information exchange with the outside world. An Application Layer Firewall can process information at network layer, transport layer, session layer and application layer of the OSI reference model. These provide greater control over traffic than packet-filtering firewalls [1]. It filters ingress and outgress traffic based on its rules laid by the network administrator [2]. Initially, it was believed deploying a firewall could degrade the performance of the network, but authors in [3] proved that filtering of unwanted traffic by firewall can increase network performance noticeably. Similarly, in [4] it was reported that link utilization and throughput are improved with deployment of firewalls. Thus, firewall does not only improve the network security but also improves the quality of service both in terms of availability and performance. Iptables is a powerful open sour

Data Loading...

Exploring the use of Iptables as an Application Layer Firewall

Recommend Documents

The Firewall Phenomenon

Learning Stories as an Assessment: A Case Study Exploring Its Local Application in China

Firewall for Intranet Security

Exploring the Use of State Medical Cannabis Legislation as a Proxy for Medical Cannabis Use Among Patients Receiving Che

An Application of GIS Techniques Towards Pasture Land Use Studies

Introducing an interactional approach to exploring facilitation as an implementation intervention: examining the utility

Exploring the Application of Machine Learning for Downscaling Climate Projections

Exploring the Use of Switchable Hydrophilicity Solvents as Extraction Phase for the Determination of Food-Packaging Cont

Corporations as Custodians of the Public Good? Exploring the Int

AZ4620 Photoresist as an Alternative Sacrificial Layer for Surface Micromachining

Application Areas of Epitaxially Grown Layer Structures

Exploring the use and experience of an infant feeding genogram to facilitate an assets-based approach to support infant