公开(公告)号：US07113508B1

公开(公告)日：2006-09-26

申请号：US10160831

申请日：2002-05-31

Applicant: John C. Mayes ,  Brantley W. Coile

Inventor： John C. Mayes ,  Brantley W. Coile

IPC: H04L12/28

CPC classification number: H04L29/12009 ,  H04L29/12367 ,  H04L29/12481 ,  H04L61/2514 ,  H04L61/2557 ,  H04L63/0227

Abstract: A system and method are provided for translating local IP addresses to globally unique IP addresses. This allows local hosts in an enterprise network to share global IP addresses from a limited pool of such addresses available to the enterprise. The translation is accomplished by replacing the source address in headers on packets destined for the Internet and by replacing destination address in headers on packets entering the local enterprise network from the Internet. Packets arriving from the Internet are screened by an adaptive security algorithm. According to this algorithm, packets are dropped and logged unless they are deemed nonthreatening. DNS packets and certain types of ICMP packets are allowed to enter local network. In addition, FTP data packets are allowed to enter the local network, but only after it has been established that their destination on the local network initiated an FTP session.

公开(公告)号：US5793763A

公开(公告)日：1998-08-11

申请号：US552807

申请日：1995-11-03

Applicant: John C. Mayes ,  Brantley W. Coile

Inventor： John C. Mayes ,  Brantley W. Coile

IPC: G06F11/20 ,  H01R31/00 ,  H04L12/24 ,  H04L29/06 ,  H04L29/08 ,  H04L29/12 ,  H04L29/14 ,  H04J3/24

CPC classification number: H04L63/0254 ,  H01R31/005 ,  H04L12/24 ,  H04L29/06 ,  H04L29/12009 ,  H04L29/12367 ,  H04L29/125 ,  H04L29/12924 ,  H04L41/00 ,  H04L61/2514 ,  H04L61/2564 ,  H04L61/6063 ,  H04L69/40 ,  H01R2201/04

Abstract: A system and method are provided for translating local IP addresses to globally unique IP addresses. This allows local hosts in an enterprise network to share global IP addresses from a limited pool of such addresses available to the enterprise. The translation is accomplished by replacing the source address in headers on packets destined for the Internet and by replacing destination address in headers on packets entering the local enterprise network from the Internet. Packets arriving from the Internet are screened by an adaptive security algorithm. According to this algorithm, packets are dropped and logged unless they are deemed nonthreatening. DNS packets and certain types of ICMP packets are allowed to enter local network. In addition, FTP data packets are allowed to enter the local network, but only after it has been established that their destination on the local network initiated an FTP session.

公开(公告)号：US07583668B1

公开(公告)日：2009-09-01

申请号：US11502021

申请日：2006-08-09

Applicant: John C. Mayes ,  Brantley W. Coile

Inventor： John C. Mayes ,  Brantley W. Coile

IPC: H04Q11/04

CPC classification number: H04L29/12009 ,  H04L29/12367 ,  H04L29/12481 ,  H04L61/2514 ,  H04L61/2557 ,  H04L63/0227

Abstract: A system and method are disclosed for providing perform network address translation of network layer addresses of packets exchanged between nodes on a local network and nodes outside the local network. This allows local hosts in an enterprise network to share global IP addresses from a limited pool of such addresses available to the enterprise. The translation may be accomplished by replacing the source address in headers on packets destined for the Internet and by replacing destination address in headers on packets entering the local enterprise network from the Internet. Packets arriving from the Internet are screened by an adaptive security algorithm. According to this algorithm, packets are dropped and logged unless they are deemed nonthreatening.

Abstract translation: 公开了一种用于提供在本地网络上的节点和本地网络之外的节点之间交换的分组的网络层地址的网络地址转换的系统和方法。 这允许企业网络中的本地主机从企业可用的这种地址的有限池中共享全局IP地址。 可以通过替换目的地为因特网的分组的报头中的源地址和通过从因特网替换进入本地企业网络的分组的报头中的目的地地址来替换翻译。 从互联网到达的数据包通过自适应安全算法进行​​屏蔽。 根据该算法，除非被认为是非威胁的，否则丢弃并记录数据包。

公开(公告)号：US06510154B1

公开(公告)日：2003-01-21

申请号：US09131812

申请日：1998-08-10

Applicant: John C. Mayes ,  Brantley W. Coile

Inventor： John C. Mayes ,  Brantley W. Coile

IPC: H04Q1104

CPC classification number: H04L63/0254 ,  H01R31/005 ,  H01R2201/04 ,  H04L29/06 ,  H04L29/12009 ,  H04L29/12367 ,  H04L29/125 ,  H04L29/12924 ,  H04L41/00 ,  H04L61/2514 ,  H04L61/2564 ,  H04L61/6063 ,  H04L69/40

Abstract: A system and method are provided for translating local IP addresses to globally unique IP addresses. This allows local hosts in an enterprise network to share global IP addresses from a limited pool of such addresses available to the enterprise. The translation is accomplished by replacing the source address in headers on packets destined for the Internet and by replacing destination address in headers on packets entering the local enterprise network from the Internet. Packets arriving from the Internet are screened by an adaptive security algorithm. According to this algorithm, packets are dropped and logged unless they are deemed nonthreatening. DNS packets and certain types of ICMP packets are allowed to enter local network. In addition, FTP data packets are allowed to enter the local network, but only after it has been established that their destination on the local network initiated an FTP session.

Abstract translation: 提供了一种用于将本地IP地址转换为全局唯一IP地址的系统和方法。 这允许企业网络中的本地主机从企业可用的这种地址的有限池中共享全局IP地址。 通过替换目的地为因特网的数据包的头中的源地址和通过从因特网替换进入本地企业网络的数据包的头中的目标地址来实现翻译。 从互联网到达的数据包通过自适应安全算法进行​​屏蔽。 根据该算法，除非被认为是非威胁的，否则丢弃并记录数据包。 DNS报文和某些类型的ICMP报文被允许进入本地网络。 此外，FTP数据包允许进入本地网络，但只有在建立后，其本地网络上的目的地才能启动FTP会话。