摘要:
A plurality of computer nodes communicates using seemingly random IP source and destination addresses and (optionally) a seemingly random discriminator field. Data packets matching criteria defined by a moving window of valid addresses are accepted for further processing, while those that do not meet the criteria are rejected. In addition to “hopping” of IP addresses and discriminator fields, hardware addresses such as Media Access Control addresses can be hopped. The hopped addresses are generated by random number generators having non-repeating sequence lengths that are easily determined a-priori, which can quickly jump ahead in sequence by an arbitrary number of random steps and which have the property that future random numbers are difficult to guess without knowing the random number generator's parameters. Synchronization techniques can be used to re-establish synchronization between sending and receiving nodes.
摘要:
A plurality of computer nodes communicates using seemingly random IP source and destination addresses and (optionally) a seemingly random discriminator field. Data packets matching criteria defined by a moving window of valid addresses are accepted for further processing, while those that do not meet the criteria are rejected. In addition to “hopping” of IP addresses and discriminator fields, hardware addresses such as Media Access Control addresses can be hopped. The hopped addresses are generated by random number generators having non-repeating sequence lengths that are easily determined a-priori, which can quickly jump ahead in sequence by an arbitrary number of random steps and which have the property that future random numbers are difficult to guess without knowing the random number generator's parameters. Synchronization techniques can be used to re-establish synchronization between sending and receiving nodes.
摘要:
A plurality of computer nodes communicate using seemingly random Internet Protocol source and destination addresses. Data packets matching criteria defined by a moving window of valid addresses are accepted for further processing, while those that do not meet the criteria are quickly rejected. Improvements to the basic design include (1) a load balancer that distributes packets across different transmission paths according to transmission path quality; (2) a DNS proxy server that transparently creates a virtual private network in response to a domain name inquiry; (3) a large-to-small link bandwidth management feature that prevents denial-of-service attacks at system chokepoints; (4) a traffic limiter that regulates incoming packets by limiting the rate at which a transmitter can be synchronized with a receiver; and (5) a signaling synchronizer that allows a large number of nodes to communicate with a central node by partitioning the communication function between two separate entities.
摘要:
A technique is disclosed for establishing a secure communication link between a first computer and a second computer over a computer network. Initially, a secure communication mode of communication is enabled at a first computer without a user entering any cryptographic information for establishing the secure communication mode of communication. Then, a secure communication link is established between the first computer and a second computer over a computer network based on the enabled secure communication mode of communication. The secure communication link is a virtual private network communication link over the computer network in which one or more data values that vary according to a pseudo-random sequence are inserted into each data packet.
摘要:
A secure domain name service for a computer network is disclosed that includes a portal connected to a computer network, such as the Internet, and a domain name database connected to the computer network through the portal. The portal authenticates a query for a secure computer network address, and the domain name database stores secure computer network addresses for the computer network. Each secure computer network address is based on a non-standard top-level domain name, such as .scom, .sorg, .snet, .snet, .sedu, .smil and .sint.
摘要:
A secure domain name service for a computer network is disclosed that includes a portal connected to a computer network, such as the Internet, and a domain name database connected to the computer network through the portal. The portal authenticates a query for a secure computer network address, and the domain name database stores secure computer network addresses for the computer network. Each secure computer network address is based on a non-standard top-level domain name, such as .scom, .sorg, .snet, .snet, .sedu, .smil and .sint.
摘要:
The invention provides a method for the immobilisation of at least one type of carbohydrate molecule comprising contacting a surface with a plasma of at least one monomer to provide a plasma polymer coated surface and contacting said polymer surface with a carbohydrate molecule.
摘要:
A method for culturing mammalian cells without the need for the addition of xenobiotic materials which promote mammalian cell culture, for example, serum or a pituitary extract and including methods for the production of cells for use in tissue engineering and the production of recombinant protein.
摘要:
An apparatus and method for etching a point on the surface of a magnetic medium to reduce the reflectivity of the point and for verifying that proper etching occurred. A light source provides a collimated incident beam of light. The incident beam is focused to a point on the medium and a portion of the beam is reflected. The reflected beam is separated from the incident beam and the intensity of the reflected beam is measured. The measured intensity is compared to a threshold value and verification is indicated if the measured intensity exceeds the threshold value.
摘要:
Embodiments of the inventive technology may provide a leaked fluid detection and response system in one aspect, and in another aspect, an environmental enclosure for at least a component of such leaked fluid detection system. Various embodiments of the leaked fluid detection and response system may provide wireless communication of detected leaks and a PLC that automates response and provides information regarding the presence of a leak. Enclosures may, in various embodiments, comprehensively surround enclosed components, thermally insulate enclosed components, include a leaked fluid capture basin, be aerodynamically streamlined, and/or be vermin-tight.