Friday, June 26, 2009
I've written a series of batch files and shell scripts to automate the testing process, so I now have a working implementation. The output is a series of text files (each corresponding to a partially masked rule) consisting of packets and their associated decisions. The number of packets generated depends on the number of rules involved in the masking, but on the policies I've been testing it with, they seem to be relatively low in number. I'm confident that the algorithm I am using to generate the packets is thorough. Most of this past week, I've been catching up on writing and doing classwork.
Posted by Lee at 6:47 PM
Friday, June 12, 2009
This is my first post in the REU blog. I received JeeHyun's tool from his SRDS08 paper this week. So far, I've been able to modify his tool to generate packets that target rule intersections. I've got to work a bit on making the output of the FireMAN tool useful to JeeHyun's tool though. This could be a bit awkward, since they run on different platforms (JeeHyun's tool uses a constraint solver by MS, simple Linux replacement available?), and use different firewall formats. In any event, paper writing is definitely more difficult than I originally anticipated. Now that I have everything I need (and know how it all fits together), hopefully the writing will become easier.
Posted by Lee at 1:07 PM