-
公开(公告)号:US20120174217A1
公开(公告)日:2012-07-05
申请号:US12981900
申请日:2010-12-30
申请人: Gaston Ormazabal
发明人: Gaston Ormazabal
IPC分类号: G06F11/00
CPC分类号: H04L63/1458
摘要: A method may include receiving session control messages and counting the session control messages of a same type having a same transaction identifier (ID). The method may further include blocking the session control messages of the same type having the same transaction ID when the count exceeds a threshold number. The method may further include determining whether the blocked session control messages are associated with an anomalous event and, when the blocked session control messages are not associated with the anomalous event, increasing the threshold number.
摘要翻译: 方法可以包括接收会话控制消息并对具有相同事务标识符(ID)的相同类型的会话控制消息进行计数。 该方法还可以包括当计数超过阈值数时,阻塞具有相同事务ID的相同类型的会话控制消息。 该方法还可以包括确定被阻止的会话控制消息是否与异常事件相关联,并且当阻塞的会话控制消息不与异常事件相关联时,增加阈值数量。
-
公开(公告)号:US20070147380A1
公开(公告)日:2007-06-28
申请号:US11557703
申请日:2006-11-08
IPC分类号: H04L12/56
CPC分类号: H04L63/0263 , H04L29/06027 , H04L63/029 , H04L65/1006
摘要: A method may include receiving a first packet; determining, in a first processor, whether the first packet meets a criterion to be forwarded to a destination indicated in the first packet; receiving a second packet; determining whether the second packet is of a type for changing the criterion and sending the second packet to a second processor if the second packets is of the type for changing the criterion; receiving instructions, based on the second packet sent to the second processor, to change the criterion; and changing the criterion.
摘要翻译: 一种方法可以包括:接收第一分组; 在第一处理器中确定所述第一分组是否满足要转发到所述第一分组中指示的目的地的标准; 接收第二个分组; 如果所述第二分组是用于改变所述标准的类型,则确定所述第二分组是否是用于改变所述标准的类型并将所述第二分组发送到第二处理器; 基于发送到第二处理器的第二分组接收指令来改变标准; 并改变标准。
-
公开(公告)号:US20050076235A1
公开(公告)日:2005-04-07
申请号:US10678328
申请日:2003-10-03
申请人: Gaston Ormazabal , Edward Harvey , James Sylvester
发明人: Gaston Ormazabal , Edward Harvey , James Sylvester
IPC分类号: G06F11/30
CPC分类号: H04L63/02 , H04L63/029 , H04L63/1433
摘要: A test method for Internet-Protocol packet networks that verifies the proper functioning of a dynamic pinhole filtering implementation as well as quantifying network vulnerability statistically, as pinholes are opened and closed is described. Specific potential security vulnerabilities that may be addressed through testing include: 1) excessive delay in opening pinholes, resulting in an unintentional denial of service; 2) excessive delay in closing pinholes, creating a closing delay window of vulnerability; 3) measurement of the length of various windows of vulnerability; 4) setting a threshold on a window of vulnerability such that it triggers an alert when a predetermined value is exceeded; 5) determination of incorrectly allocated pinholes, resulting in a denial of service; 6) determining the opening of extraneous pinhole/IP address combinations through a firewall which increase the network vulnerability through unrecognized backdoors; and 7) determining the inability to correlate call state information with dynamically established rules in the firewall.
摘要翻译: 描述了针对针孔打开和关闭的互联网协议分组网络的测试方法,其验证动态针孔过滤实现的正常功能以及统计地定量网络脆弱性。 可能通过测试解决的特定潜在的安全漏洞包括:1)打开针孔过多的延迟,导致无意的拒绝服务; 2)关闭针孔过度延迟,造成关闭延迟窗口的脆弱性; 3)测量各种窗口的长度; 4)在漏洞窗口设置阈值,使得当超过预定值时触发警报; 5)确定分配不正确的针孔,导致拒绝服务; 6)通过防火墙确定外部针孔/ IP地址组合的打开,通过无法识别的后门增加网络脆弱性; 以及7)确定无法将呼叫状态信息与防火墙中动态建立的规则相关联。
-
公开(公告)号:US08984627B2
公开(公告)日:2015-03-17
申请号:US12981900
申请日:2010-12-30
申请人: Gaston Ormazabal
发明人: Gaston Ormazabal
CPC分类号: H04L63/1458
摘要: A method may include receiving session control messages and counting the session control messages of a same type having a same transaction identifier (ID). The method may further include blocking the session control messages of the same type having the same transaction ID when the count exceeds a threshold number. The method may further include determining whether the blocked session control messages are associated with an anomalous event and, when the blocked session control messages are not associated with the anomalous event, increasing the threshold number.
摘要翻译: 方法可以包括接收会话控制消息并对具有相同事务标识符(ID)的相同类型的会话控制消息进行计数。 该方法还可以包括当计数超过阈值数时,阻塞具有相同事务ID的相同类型的会话控制消息。 该方法还可以包括确定被阻止的会话控制消息是否与异常事件相关联,并且当阻塞的会话控制消息不与异常事件相关联时,增加阈值数量。
-
5.发明申请SYSTEM AND METHOD FOR TESTING NETWORK FIREWALL USING FINE GRANULARITY MEASUREMENTS 有权使用精细粒度测量来测试网络防火墙的系统和方法公开(公告)号:US20070124813A1
公开(公告)日:2007-05-31
申请号:US11557751
申请日:2006-11-08
CPC分类号: H04L63/029 , H04L12/2697 , H04L29/06027 , H04L29/06625 , H04L43/50 , H04L65/1006
摘要: A device verifies whether signaled pinholes in a Session Initiation Protocol (SIP)-based perimeter protection device are open, calculates a fine granularity pinhole opening delay of the SIP-based perimeter protection device, and calculates a fine granularity pinhole closing delay of the SIP-based perimeter protection device.
摘要翻译: 设备验证基于会话发起协议(SIP)的周边保护设备中信令的针孔是否打开,计算出SIP周边保护设备的精细粒度针孔延迟,并计算出SIP- 基于周边的保护装置。
-
公开(公告)号:US20050076238A1
公开(公告)日:2005-04-07
申请号:US10679222
申请日:2003-10-03
申请人: Gaston Ormazabal , Edward Harvey , James Sylvester
发明人: Gaston Ormazabal , Edward Harvey , James Sylvester
CPC分类号: H04L63/02 , H04L41/0213 , H04L41/22 , H04L43/06 , H04L43/0852 , H04L43/0894 , H04L43/12 , H04L43/50 , H04L63/029 , H04L63/1433
摘要: A test method for Internet-Protocol packet networks that verifies the proper functioning of a dynamic pinhole filtering implementation as well as quantifying network vulnerability statistically, as pinholes are opened and closed is described. Specific potential security vulnerabilities that may be addressed through testing include: 1) excessive delay in opening pinholes, resulting in an unintentional denial of service; 2) excessive delay in closing pinholes, creating a closing delay window of vulnerability; 3) measurement of the length of various windows of vulnerability; 4) setting a threshold on a window of vulnerability such that it triggers an alert when a predetermined value is exceeded; 5) determination of incorrectly allocated pinholes, resulting in a denial of service; 6) determining the opening of extraneous pinhole/IP address combinations through a firewall which increase the network vulnerability through unrecognized backdoors; and 7) determining the inability to correlate call state information with dynamically established rules in the firewall.
摘要翻译: 描述了针对针孔打开和关闭的互联网协议分组网络的测试方法,其验证动态针孔过滤实现的正常功能以及统计地定量网络脆弱性。 可能通过测试解决的特定潜在的安全漏洞包括:1)打开针孔过多的延迟,导致无意的拒绝服务; 2)关闭针孔过度延迟,造成关闭延迟窗口的脆弱性; 3)测量各种窗口的长度; 4)在漏洞窗口设置阈值,使得当超过预定值时触发警报; 5)确定分配不正确的针孔,导致拒绝服务; 6)通过防火墙确定外部针孔/ IP地址组合的打开,通过无法识别的后门增加网络脆弱性; 以及7)确定无法将呼叫状态信息与防火墙中动态建立的规则相关联。
-
公开(公告)号:US20050075842A1
公开(公告)日:2005-04-07
申请号:US10678779
申请日:2003-10-03
申请人: Gaston Ormazabal , Edward Harvey , James Sylvester
发明人: Gaston Ormazabal , Edward Harvey , James Sylvester
CPC分类号: H04L63/02 , H04L63/1433
摘要: A test method for Internet-Protocol packet networks that verifies the proper functioning of a dynamic pinhole filtering implementation as well as quantifying network vulnerability statistically, as pinholes are opened and closed is described. Specific potential security vulnerabilities that may be addressed through testing include: 1) excessive delay in opening pinholes, resulting in an unintentional denial of service; 2) excessive delay in closing pinholes, creating a closing delay window of vulnerability; 3) measurement of the length of various windows of vulnerability; 4) setting a threshold on a window of vulnerability such that it triggers an alert when a predetermined value is exceeded; 5) determination of incorrectly allocated pinholes, resulting in a denial of service; 6) determining the opening of extraneous pinhole/IP address combinations through a firewall which increase the network vulnerability through unrecognized backdoors; and 7) determining the inability to correlate call state information with dynamically established rules in the firewall.
摘要翻译: 描述了针对针孔打开和关闭的互联网协议分组网络的测试方法,其验证动态针孔过滤实现的正常功能以及统计地定量网络脆弱性。 可能通过测试解决的特定潜在的安全漏洞包括:1)打开针孔过多的延迟,导致无意的拒绝服务; 2)关闭针孔过度延迟,造成关闭延迟窗口的脆弱性; 3)测量各种窗口的长度; 4)在漏洞窗口设置阈值,使得当超过预定值时触发警报; 5)确定分配不正确的针孔,导致拒绝服务; 6)通过防火墙确定外部针孔/ IP地址组合的打开,通过无法识别的后门增加网络脆弱性; 以及7)确定无法将呼叫状态信息与防火墙中动态建立的规则相关联。
-
-
-
-
-
-
搜索结果
7 条记录 (耗时 0.015 秒)
