Abstract:
A system for providing security in a computing network. The system has a server for distributing policies to be implemented by firewall devices in the network. The firewall devices provide hardware-implemented firewalls to communication devices making network connections. The system has logic to allow a connection to be made to the network via a communication device at a node, provided the firewall device is at that node. Therefore, the firewall device must be in the system for a connection to be established via the communication device. Additionally, the system is configured to cause data transferred by the communication device to be processed by the firewall.
Abstract:
A method is described for a NIC to ascertain the presence of spoofing activity and thus detect unauthorized network access. The NIC monitors for packets purporting to be from itself. In one embodiment, a NIC views packets trafficking on its network and monitors for packets having its own MAC address, but which it did not send. In another embodiment, the NIC monitors for packets having its own IP address, but which it did not send. These falsely purportive packets originate not from the observant NIC, but suspiciously from elsewhere. Such suspect originating entities may be rogue entities attempting to gain unauthorized network access. These embodiments detect unauthorized access to a network by ascertaining the presence of spoofing activity in a manner that does not require gross revamping of network architecture or the burdening of network accessibility by legitimate authorized entities.
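The check described in this abstract, sketched in software as an added example that is not taken from the patent: observed frames carrying the monitor's own source MAC or source IPv4 address are flagged unless they match a frame the monitor itself transmitted. Keeping SHA-256 digests of recently sent frames is an assumption about how "did not send" is decided, and all addresses and frames are constructed sample data.

```python
import hashlib
import struct
from collections import deque

ETH_IPV4 = 0x0800

def build_frame(dst_mac, src_mac, src_ip, dst_ip, payload=b""):
    """Build a minimal Ethernet II + IPv4 frame (constructed sample data)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                     64, 17, 0, bytes(src_ip), bytes(dst_ip))
    return bytes(dst_mac) + bytes(src_mac) + struct.pack("!H", ETH_IPV4) + ip + payload

class SpoofMonitor:
    """Flags frames that claim this NIC's MAC or IP but were not sent by it."""

    def __init__(self, own_mac, own_ip, history=1024):
        self.own_mac, self.own_ip = bytes(own_mac), bytes(own_ip)
        # Assumption: digests of recently transmitted frames identify our own traffic.
        self.sent = deque(maxlen=history)

    def record_sent(self, frame):
        self.sent.append(hashlib.sha256(frame).digest())

    def inspect(self, frame):
        """Return the spoofed identifiers seen in an observed frame ([] if none)."""
        if len(frame) < 14:                       # too short for an Ethernet header
            return []
        if hashlib.sha256(frame).digest() in self.sent:
            return []                             # our own transmission seen on the wire
        reasons = []
        if frame[6:12] == self.own_mac:           # Ethernet source address
            reasons.append("mac")
        ethertype = struct.unpack("!H", frame[12:14])[0]
        # IPv4 source address sits 12 bytes into the IP header (offset 26 in the frame).
        if ethertype == ETH_IPV4 and len(frame) >= 34 and frame[26:30] == self.own_ip:
            reasons.append("ip")
        return reasons
```
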
Abstract:
Methods of determining whether a network interface card entry within the system registry of a Windows™-based operating system pertains to “real” physical hardware or to a “virtual” device. In one embodiment of the present invention, the method includes the steps of: (1) opening the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Class\Net key entry of the system registry; (2) examining each of the sub-keys for the “Net” key, and finding one with a “DriverDesc” string value matching a NIC; (3) opening the “Ndi” key under the matching sub-key; (4) getting the “DeviceID” string value under the “Ndi” key; and (5) searching the “DeviceID” string for a backslash “\” character. If the backslash character is found, then it can be concluded that the network interface card entry is associated with “real” physical hardware. Otherwise, it can be concluded that the network interface card entry is associated with a “virtual” device. In one particular embodiment, the present invention is implemented as part of network configuration software or network monitoring software and allows users or system administrators to more easily monitor and modify the settings for network interface cards installed on a computer system running the Windows 95® or Windows 98® operating systems.
Abstract:
Secure communications on a network. An unauthenticated client on a network sends start packets to locate other clients. The unauthenticated client receives responses to the start packets from other clients on the network. The responses may be advertise packets that are from advertising clients that may be authenticated clients or other unauthenticated clients in authenticated mode. The unauthenticated client prioritizes the received packets so that authentication can be performed with the most desirable advertising client. Authentication packets are sent and received between the unauthenticated client and the advertising client in an attempt to authenticate.
Abstract:
A method for providing security in a computing network. A device connects to a network and authenticates itself with a server. Next, the server adds the IP address of the device to a list of trusted devices. The server broadcasts the trusted IP address to all devices in the network with which the newly authenticated device is allowed to communicate. The devices in the network add the trusted IP address to a list of trusted addresses stored on each device. The server may also transmit its stored list to the newly authenticated device. After a device has received a packet, it determines if the IP address associated with the packet is on its trusted list. If it is, the device processes the packet. If the IP address is not found on the safe list, the device queries the authentication server to determine if the IP address is safe.
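The flow in this abstract, modelled in memory as an added example that is not code from the patent: authentication, broadcast of the trusted address to permitted peers, and the fallback query for a source missing from the local list. The shared-secret credential, the `allowed` peer map, caching of positive answers and dropping of untrusted packets are assumptions; the addresses are constructed.

```python
import hmac

class Device:
    def __init__(self, ip, server):
        self.ip, self.server = ip, server
        self.trusted = set()        # local list of trusted source addresses
        self.queries = 0            # how often the server had to be asked

    def receive(self, src_ip):
        """Return True if a packet from src_ip is processed, False if dropped."""
        if src_ip in self.trusted:
            return True
        self.queries += 1           # not on the local list: ask the server
        if self.server.is_trusted(self.ip, src_ip):
            self.trusted.add(src_ip)    # assumption: cache a positive answer
            return True
        return False                    # assumption: untrusted sources are dropped

class AuthServer:
    def __init__(self, secrets, allowed):
        self.secrets = secrets      # ip -> shared secret (assumed credential form)
        self.allowed = allowed      # ip -> set of peer ips it may talk to
        self.trusted = set()        # server-side list of authenticated addresses
        self.devices = {}           # devices currently reachable for broadcasts

    def attach(self, device):
        self.devices[device.ip] = device

    def authenticate(self, ip, secret):
        expected = self.secrets.get(ip)
        if expected is None or not hmac.compare_digest(expected, secret):
            return False
        self.trusted.add(ip)
        peers = self.allowed.get(ip, set())
        for peer in peers & self.devices.keys():
            self.devices[peer].trusted.add(ip)      # broadcast to permitted peers
        if ip in self.devices:                      # send stored list to the new device
            self.devices[ip].trusted |= self.trusted & peers
        return True

    def is_trusted(self, asker, ip):
        return ip in self.trusted and ip in self.allowed.get(asker, set())
```
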
Abstract:
The present invention provides a method for detecting TCP/IP (Transmission Control Protocol/Internet Protocol) bindings for Network Interface Cards (NICs) installed on Windows 95™ and Windows 98™ operating systems with a VPN (Virtual Private Network) client present. More particularly, the present invention provides a method for parsing the Windows™ system registry to detect TCP/IP bindings for network interface cards installed within a host computer system. In one embodiment, a function for detecting TCP/IP bindings of one network interface card is implemented and repeated for all keys of the registry, as part of computer software for detecting the TCP/IP bindings for network interface cards installed on the host computer system.
Abstract:
A method for detecting TCP/IP (Transmission Control Protocol/Internet Protocol) bindings for Network Interface Cards (NICs) installed on Windows 95® and Windows 98® operating systems with a VPN (Virtual Private Network) client present. The present invention provides a method for parsing the Windows™ system registry to detect TCP/IP bindings for network interface cards installed within a host computer system. In one embodiment, a DriverCheck function and a HardwareCheck function are implemented as parts of computer software for detecting the TCP/IP bindings for network interface cards installed on the host computer system.