Figure 6.
Filter Incoming and Outgoing Packets
5.3.2
Filter Outgoing Network Packets
When the intermediate driver receives an outgoing packet
from the protocol driver, it copies this packet to its pre-
allocated packet, and send this new copy down to the mini-
port driver. The miniport driver then send this packet out.
As mentioned in 5.3.1, each network packet includes its
5
Figure 7.
Filtering Incoming and Outgoing Net-
work Traffic
source and destination IP addresses in its header session,
the intermediate driver can extract these two IP addresses
from the packet header and perform the filtering based on
source and destination IP addresses. Thus, the interme-
diate driver can filter the outgoing network packets before
passing them down to the adapter (shown in Figure 6). Fig-
ure 7 illustrates an example of filtering outgoing network
traffic.
6
Conclusion
Handheld computers are important computing tools due
to their size and light weight. However, handheld devices
also become attackers’ targets as they become more popu-
lar. We reviewed some security threats to handheld com-
puters and proposed several possible solutions. The first
solution is to use a desktop computer as a bastion host.
The second one is to build a personal firewall in a hand-
held computer. We highlighted the difficulty of building a
personal firewall in a Pocket PC operating system. We de-
scribed an implementation in an iPAQ Pocket PC which is
equipped with a Strong ARM processor with 206 MHz.
References
[1] Firewalls: how secure are they? Australian PC USER,
pages 52–56, September 2002.
[2] Steven M. Bellovin and William R. Cheswick. Network
firewalls. IEEE Communications Magazine, pages 50–
57, September 1994.
[3] Bullyonline.
Bullying
and
suicide.
http://www.bullyonline.org/stress/suicide.htm.
[4] William R. Cheswick, Steven M. Bellovin, and Aviel D.
Rubin. Firewalls and Internet Security: Repelling the
Wily Hacker. Addison Wesley Professional, second edi-
tion, 2003.
[5] Leah Creighton. Text message bullies prey on children.
The Sunday Telegraph, November 3, 2002.
[6] Trusted Information Systems (TIS) Firewall Toolkit
(FWTK). http://www.fwtk.org.
[7] Trend
Micro
Inc.
PC-cillin
for
Wireless.
http://www.trendmicro.com/en/products/desktop/pc-
cillin/evaluate/overview.htm.
[8] Kingpin and Mudge. Security analysis of the palm
operating system and its weaknesses against malicious
code threats. Proceeding of the 10th USENIX Security
Symposium, pages 135–151, 2001.
[9] Neal Leavitt. Malicious code moves to mobile devices.
Computer, 33(12):16–19, December 2000.
[10] Permeo Technologies Ltd.
The Source for SOCKS
Technology. http://www.socks.permeo.com/.
[11] McAfee Security. http://www.mcafee.com.
[12] McAfee Security.
Virus Information.
http
:
//www.mcaf ee.com/anti − virus/default.asp.
[13] Frank McPherson. How to Do Everything with Your
Pocket PC. McGraw-Hill/Osborne, 2nd edition edi-
tion, 2002.
[14] Microsoft Corporation. Microsoft Windows CE Devel-
oper’s Kit (Microsoft Professional Editions). Microsoft
Press, 1999.
[15] Sandra Kay Miller. Facing the challenge of wireless
security. Computer, 34(7), July 2001.
[16] U. Murthy, O.Bukhres, W. Winn, and E. Vanderdez.
Firewalls for security in wireless networks. Proceedings
of the 31st Hawaii International Conference on System
Science (HICSS’98), 1998.
[17] NFR Security. http://www.nfr.com/.
[18] Terry William Ogletree. Practical Firewalls. QUE,
June 2000.
[19] Ton Plooy. Packet filtering with iphlpapi.dll. Windows
Developer Magazine, Volume 11 Number 10, October
2000.
[20] McAfee
Security.
VirusScan
Wire-
less. http://www.mcafeeb2b.com/products/virusscan-
wireless/default.asp.
[21] Symantec Corporation. http://www.symantec.com/.
[22] Internet Security Systems. http://www.iss.net/.
[23] Zone Labs Inc. http://www.zonelabs.com/.
[24] Elizabeth D. Zwicky, Simon Cooper, and D. Brent
Chapman. Building Internet Firewalls. O’Reilly &
Associates, 2nd edition, 2000.
[25] Tina Zych. Personal firewalls: What are they, how do
they work? http://www.sans.org, August 22, 2000. 11.
6
View publication stats
|