Problem Statement : Virus ....DOS(denail of services) ....spoofing ...hacking....routers....firewalls.

    Innovative exploit:  
                     Routers,firewalls,email-scanners definition ...intended purpose refer else where on the www,
 
                    understanding and interpreting from tcp/ip protocols ...communications-means 
               
                    ...given the context and nature how text parsers work ...usually what are termable as
                    the equivalent viz. properitary verisions of the 'proc' embedded and marketed in these
                    appliances ...marketed for the purpose ...viz. bit-stream parsing for nullifying threat from
                    the above.

Opportunity a):   Given the context amount of time delay in packet forward or routing to the destination
                  host (https/ssh/...other session state transactions ...) ...milli micro seconds count,
                  translating into mips of the processing power of the gateways (termed routers, firewalls,
                  email-scanners) ...thus offering multiple symmetric-processing power ...a distinct advantage
                  ...the more the number of processors the better ...viz. the more the traffic ...the better
                  equipped to handle the traffic and the bandwidth for the above intended 


                  The validity and usage of the such appliances ...given the context of protocols like
                  https/ssh/pgp ...encrypted means ?? ...for all such purposes as interpretable in 'Problem-statement'.

                  Thus given the context ...any means or employability of termed appliances(futility or validity)
                  at intermediary points(server and client) ....is not only foolish ...wastage of processing power
                  ...wastage of time!!  or is the data or encryption algorithms safe-enough or protected with out 
                  being subjected to phising or spoofing or hacking before being destined to the intended hosts
                  and the intended user ??.                  


                  All such data-guards/safe-gaurds should be employed at the endpoints viz. computers or hosts,

                  given the context as exemplified or envisaged in the document below and else-where in the 
                  document ...a module at the OS level that takes care parsing the text ...identifying the
                  vulnerabilities post decryption (ideal implementation being  encryption at network driver level
                  in the stack of os design)...immunization or post threat free ...routing to application handlers.


                  or given the context or choice both commercial viability and backward compatibility
                  ...given that all malware ...is either shipped via a network medium / pen-drives etc/ email

                  a said anti-virus module at OS level that can sit just between the browser-cache and the 
                  browser ...say plug-in into the  browser ...ability to handle ...anti-virus or malware
                  threats either at scripting level or software downloads (intercepted by antivirus software),
                  all data intercepted before copying into the integrated storage mediums of a computer or host.


Opportunity b):  prioritize application usage (organization level, individual user level) ....allocate bandwidth accordingly


             1)    Deriving from sockets programming ....differentiation ,standardized notion or  usage of various ports
                   for specific purposes or protocols

 
                ability to allocate bandwidth or define policies on firewall/routers ....on port level or protocol level

                thus in an organization where email usage is more a priority than web or http access ,  the

                ability to allocate more bandwidth to port 25 for external routing/receipt for  a email server,

                or more bandwidth to 110, imap4 when connecting to external mail-servers than on port 80.


        Thus ability to define rules or prioritize ....bandwith allocation generically organization wide at fire-wall,

        as also proliferate the concept to individual destination IP or Host-wise based on the usage to individual
        users .i.e. for a end-user in a organization ability to define priorities port-wise ....based on the above
        pattern.

       
               
           2) In a ldap centric or remote-adminstration or generic-policy adminstration to hosts at the OS level,
              ability to control define attributes or characteristic's of a 'NIC' behaviour at OS level by defining
              and rolling out generic or customized(host wise) Policies


Opportunity c): as envisaged in projects.pdf , elsewhere on this url/uri


               most fire-wall's ...require a restart or reboot ...to make effective any change in rules that effect
               bandwidth.


               In scenario's like Intrusion detection ...or malware (eg...say a scripting based virus ...shared drives
               or folders...copy or flooding data) 


               ....ability to endow the administrator to dynamically block traffic on a specific port or
                   hotlist a ip or domain ....temporarily ....without effecting transaction's or session's on the
                   other ports/ip.



Opportunity d): Most firewalls, routers ....log a variety of data pertaining to usage of the network, voilation of rules,

                 ....these logs ...can be piped i.e. a web-analytics or other similar analytics from BI software can

                 be applied to such accumalated data ....provided proper interface to access these logs by software offering

                 or performing analytics on the logs.
                 



Note: The above problem statement having been encountered in various scenarios
      and detailed in various 'Proof of concepts' as mentioned in 
      
       http://uk.geocities.com/ravivenkatus/projects.pdf
       http://ravishankarkv.tripod.com/projects.pdf
        ....apply appropriate
      'use-case' modeling and arrive at a workable and feasible solution both
       commercially and techinically viable.

----------------------------------------------------------------------------------------------
