Reapoff 0.24 review
DownloadRegular Expression, Arbitrary Protocol, Opensource Filtering Firewall (Reapoff) is an arbitrary protocol proxy
|
|
Regular Expression, Arbitrary Protocol, Opensource Filtering Firewall (Reapoff) is an arbitrary protocol proxy. A proxy server is a program which accepts connections on behalf of another program and forwards these connections to the original program. There are a many different commonly used proxies involved, such as web proxies, ftp proxies, and mail proxies.
Proxy based firewalls offer superior protection to packet filtering firewalls. This is because the proxies are interpreting each protocol. This is unlike more conventional packet filtering firewalls which make the assumption that protocol interactions are somehow related to TCP port numbers. Proxy based firewalls offer the following advantages:
Information passed between client and server is guaranteed to conform to the specified protocol
It is possible to specify a security policy on the different operations offered by those protocols.
For example suppose that we have an FTP proxy protecting an FTP server. This proxy ensures that the clients to the FTP server are actually using the FTP protocol. In addition the administrator may also specify a small subset of FTP commands that are allowed, for example no uploads are allowed etc. The best feature about this is that the administrator can deploy the proxy on the perimeter and have the security policy apply to any machines that may be installed inside.
Such a fine level of control is great, but in practice most proxies do not really offer that level of contol, and if they do its difficult to configure.
REAPOFF is an arbitrary protocol proxy. That is to say, the same proxy may be used to control any TCP/IP based protocol - the behavior of the proxy is fully specified by its configuration files. This fact allows REAPOFF to be easily modified to work with any new protocol simply by writing a new configuration file. In addition new features are easily added simply by adding new rules. Removing rules which may not be applicable for a particular scenario can be achieved very easily by commenting these out in the configuration file. The aim of this project is to produce the most intelligent proxy. This is very important for system administrators who need to add a new filtering rule to protect their network against a newly announced vulnerability for example.
The REAPOFF site will have a library of rules, each adding new functionality to the proxy or protecting against a newly announced vulnerability exploitation, in much the same way as IDS or anti-virus vendors include new signatures in response to new vulnerabilities.
Reapoff 0.24 search tags