Blocking Java applets at the firewall

This paper explores the problem of protecting a site on the Internet against hostile external Java applets while allowing trusted internal applets to run. With careful implementation, a site can be made resistant to current Java security weaknesses as well as those yet to be discovered. In addition, we describe a new attack on certain sophisticated firewalls that is most effectively realized as a Java applet.

[1]  Michel Gien,et al.  A File Transfer Protocol (FTP) , 1978, Comput. Networks.

[2]  Jon Postel,et al.  Assigned Numbers , 1979, RFC.

[3]  J. Postel,et al.  File transfer protocol (FTP) , 1985 .

[4]  Clifford Stoll,et al.  The Cuckoo's Egg , 1989 .

[5]  Alec Wolman,et al.  X Through the Firewall, and Other Application Relay , 1993, USENIX Summer.

[6]  Marcus J. Ranum,et al.  A NETWORK PERIMETER WITH SECURE EXTERNAL ACCESS , 1994 .

[7]  Steven M. Bellovin,et al.  Firewall-Friendly FTP , 1994, RFC.

[8]  William Cheswick,et al.  Firewalls and Internet Security , 1994 .

[9]  Elizabeth D. Zwicky,et al.  Building internet firewalls , 1995 .

[10]  Bill Cheswick,et al.  Firewalls and internet security - repelling the wily hacker , 2003, Addison-Wesley professional computing series.

[11]  Dan S. Wallach,et al.  Java security: from HotJava to Netscape and beyond , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[12]  Jeffrey C. Mogul,et al.  Simple and Flexible Datagram Access Controls for UNIX-based Gateways , 1999 .