Workshop in Information Security:
Building a Firewall within the Linux Kernel
0368-3500-40, Spring 2013
Firewalls control and monitor access to networks, and are found in every organization and personal computer. Emerging as an Israeli innovation two decades ago, modern firewalls perform sophisticated packet analysis tasks at a very high throughput.
In this workshop we will study the basic design of firewalls, and recreate the basic firewall functionality using just elementary building blocks of the GNU/Linux operating system. We will extend the Linux kernel with packet analysis capabilities, interface it with userspace programs, and experiment with using this firewall for blocking real-world attacks.
The workshop's goals:
This workshop is offered in cooperation with industry experts from Check Point, offering a unique exposure to industry's capabilities and needs, and an opportunity for a real-world impact.
The workshop projects will be done in teams of up to 2 students. The assignments will be interesting and cool, but expect intensive and challenging work, and lots of self-learning. The projects will be completed and reported by the end of the semester, and there will be milestones and evaluations to ensure progress during the semester. Students will be expected to read and learn on their own any concepts and systems that are unfamiliar and needed in order to carry out the project successfully.