Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > VHDL > Is a block spoof IP filter in hardware (VHDL design) is required

Thread Tools

Is a block spoof IP filter in hardware (VHDL design) is required
Posts: n/a
IP TTL spoofed packet block in VHDL

I read recently, that some linux kernels have the ability to block spoofed packets. Some hackers attack servers by sending many packets. They also putsome fake data in the offending packets. The arrival of multiple packets, with a well known source IP, in the spoofed packet, causes many interrupts in the server. This, in the best case, results with a degraded performance.Some kernels try to counter attack with an IP TTL block spoofed filter. I have decided to build such a filter in hardware. I would like to do the jobin hardware (VHDL design), therefor offloading the kernel from this job. The idea is to have two main states in hardware machine, per each incoming IP namely: learning and check. In the former the hardware machine will builda table, per each incoming source IP, where it will average the TTL valuesof the packet. Once a programmable number of TTL values, for a given packet, have been studied, the hardware (VHDL design) machine switches to check mode. During check mode, if a packet arrives and its TTL is outside an allowable range, a block packet indication is set. Such an implementation requires memory. With the way the design is implemented any memory smaller than 32 bits addressable, for IPV4, can be used.

Is a block spoof IP filter in hardware (VHDL design) is required.
Please share your thoughts.
Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
hardware design and vhdl Amit VHDL 3 02-11-2008 06:49 PM
Help on auto conversion from Matlab to vhdl on filter design hardheart Hardware 0 12-07-2007 09:19 AM
Fo:Block can you check to see if a block contains any text by using the block id? morrell XML 1 10-10-2006 07:18 PM
VHDL-200x and Object-Oriented Hardware design Amal VHDL 11 06-12-2006 08:53 PM
info regarding digital low pass fir filter design in VHDL... dhaanya nair VHDL 0 02-26-2004 08:36 AM