Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing, China.
Department of Electronic Engineering, Tsinghua University, Beijing, China.
PLoS One. 2021 Feb 2;16(2):e0246293. doi: 10.1371/journal.pone.0246293. eCollection 2021.
Eliminating unnecessary exposure is a principle of server security. The huge IPv6 address space enhances security by making scanning infeasible; however, with recent advances in IPv6 scanning technologies, network scanning is again threatening server security. In this paper, we propose a new model named addressless server, which separates the server into an entrance module and a main service module, and assigns an IPv6 prefix instead of an IPv6 address to the main service module. The entrance module generates a legitimate IPv6 address under this prefix by encrypting the client address, so that the client can access the main server on a destination address that is different in each connection. In this way, the model provides isolation to the main server, prevents network scanning, and minimizes exposure. Moreover, it provides a novel framework that supports flexible load balancing, high availability, and other desirable features. The model is simple and does not require any modification to the client or the network. We implement a prototype, and experiments show that our model can prevent the main server from being scanned at a slight performance cost.
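The following sketch is an added illustration, not the authors' prototype: it shows how an entrance module can bind a destination address under the service prefix to the client address, and how the main service module can drop any packet whose destination was not issued to its source. The /64 prefix, the key, the use of truncated HMAC-SHA256 in place of the paper's encryption step, and the epoch counter used to rotate addresses are all assumptions.

```python
import hashlib
import hmac
import ipaddress

# Assumptions, not taken from the paper: /64 prefix, shared key, HMAC-SHA256
# truncation standing in for encryption, and an epoch counter for rotation.
PREFIX = ipaddress.IPv6Network("2001:db8:a:b::/64")  # documentation range
KEY = b"constructed-demo-key"                        # constructed sample key


def entrance_issue(client, epoch, prefix=PREFIX, key=KEY):
    """Entrance module: derive the destination address for this client/epoch."""
    src = ipaddress.IPv6Address(client)
    host_bits = 128 - prefix.prefixlen
    msg = src.packed + epoch.to_bytes(8, "big")
    tag = hmac.new(key, msg, hashlib.sha256).digest()
    # Keep only as many keyed bits as fit in the host part of the prefix.
    suffix = int.from_bytes(tag, "big") >> (256 - host_bits)
    return prefix.network_address + suffix


def main_accepts(src, dst, epoch, prefix=PREFIX, key=KEY):
    """Main service module: accept only a destination issued to this source
    in the current or previous epoch; everything else is dropped."""
    try:
        dst_addr = ipaddress.IPv6Address(dst)
        candidates = [entrance_issue(src, e, prefix, key)
                      for e in (epoch, epoch - 1) if e >= 0]
    except ValueError:
        return False  # malformed source or destination address
    if dst_addr not in prefix:
        return False
    return any(hmac.compare_digest(c.packed, dst_addr.packed)
               for c in candidates)


if __name__ == "__main__":
    issued = entrance_issue("2001:db8:1::10", 100)  # constructed client address
    print("issued:", issued)
    print("owner:", main_accepts("2001:db8:1::10", str(issued), 100))
    print("other source:", main_accepts("2001:db8:1::99", str(issued), 100))
    print("stale:", main_accepts("2001:db8:1::10", str(issued), 102))
```

With a /64 prefix, a probe sent to an arbitrary address under the prefix matches the keyed suffix for its own source with probability 2^-64, which is what makes sweeping the prefix unproductive.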