-
公开(公告)号:US20160021062A1
公开(公告)日:2016-01-21
申请号:US14869132
申请日:2015-09-29
Applicant: Huawei Technologies Co., Ltd.
Inventor: Yongbo Pan
CPC classification number: H04L63/0281 , G06F17/2705 , H04L61/2007 , H04L63/0245 , H04L63/1466 , H04L63/164 , H04L63/166 , H04L69/16
Abstract: An attack defense processing method and a protection device. The attack defense processing method includes the protection device receives a first packet by a protection device, if it is determined that the first packet is an Internet Control Message Protocol version 6 (ICMPv6) Packet Too Big packet, parses the first packet to obtain an internet protocol (IP) address of a source node, an IP address of a destination node, and a Maximum Transmission Unit (MTU) value that are carried in the first packet, determines a range of valid MTUs on a path between the source node and the destination node according to the IP address of the source node and the IP address of the destination node, and performs attack defense processing for the first packet when it is determined that the MTU value does not belong to the range of the valid MTUs.
Abstract translation: 防攻击处理方法和保护装置。 防攻击处理方法包括保护装置由保护装置接收第一分组,如果确定第一分组是因特网控制消息协议版本6(ICMPv6)分组太大分组,则解析第一分组以获得互联网 源节点的协议(IP)地址,目的地节点的IP地址和最大传输单元(MTU)值,确定在源节点和源节点之间的路径上的有效MTU的范围 根据源节点的IP地址和目的节点的IP地址进行目的节点,并且在确定MTU值不属于有效MTU的范围时,对第一个分组进行攻击防范处理。
-
公开(公告)号:US09912643B2
公开(公告)日:2018-03-06
申请号:US14869132
申请日:2015-09-29
Applicant: Huawei Technologies Co., Ltd.
Inventor: Yongbo Pan
CPC classification number: H04L63/0281 , G06F17/2705 , H04L61/2007 , H04L63/0245 , H04L63/1466 , H04L63/164 , H04L63/166 , H04L69/16
Abstract: An attack defense processing method and a protection device. The attack defense processing method includes the protection device receives a first packet by a protection device, if it is determined that the first packet is an Internet Control Message Protocol version 6 (ICMPv6) Packet Too Big packet, parses the first packet to obtain an internet protocol (IP) address of a source node, an IP address of a destination node, and a Maximum Transmission Unit (MTU) value that are carried in the first packet, determines a range of valid MTUs on a path between the source node and the destination node according to the IP address of the source node and the IP address of the destination node, and performs attack defense processing for the first packet when it is determined that the MTU value does not belong to the range of the valid MTUs.
-
公开(公告)号:US20140325648A1
公开(公告)日:2014-10-30
申请号:US14330722
申请日:2014-07-14
Applicant: Huawei Technologies Co., Ltd.
Inventor: Gaoqiang Liu , Yongbo Pan , Li Yang
IPC: H04L29/06
CPC classification number: H04L63/1458 , H04L63/1425 , H04L63/166 , H04L69/24
Abstract: An attack defense method and device. The method includes counting the number of renegotiations in a transmission control protocol (TCP) connection, where the number of the renegotiations is the number of repeated negotiations between a client and a server in the TCP connection. When the number of the renegotiations in the TCP connection is greater than a preset threshold of the number of renegotiations, determining that the TCP connection is an abnormal connection and disconnecting the TCP connection. Embodiments of the present invention also provide an attack defense device, implementing effective defense against a secure socket layer (SSL) denial of service (DOS) attack behavior.
Abstract translation: 攻击防御方法和设备。 该方法包括对传输控制协议(TCP)连接中重新协商的次数进行计数,其中重新协商的次数是TCP连接中的客户端和服务器之间重复协商的次数。 当TCP连接中重新协商的数量大于重新协商数量的预设阈值时,确定TCP连接是异常连接并断开TCP连接。 本发明的实施例还提供了一种针对安全套接层(SSL)拒绝服务(DOS)攻击行为的有效防御的防攻击装置。
-
-
Search Results
3
records
(took 0.013 seconds)
