-
公开(公告)号:US07007169B2
公开(公告)日:2006-02-28
申请号:US09826046
申请日:2001-04-04
CPC分类号: H04L63/101 , H04L29/12009 , H04L29/12783 , H04L61/35 , H04L63/1416 , H04L63/1458
摘要: An intrusion detection security system (IDSS) guards a server against vandals' attacks such as denial of service, distributed denial of service, and common gateway interface attacks. An incoming source address is compared with the contents of a database of privileged addresses. If the incoming address is present in the database, the IDSS instructs protective equipment such as a firewall or router to allow the incoming message to pass to the web server despite any ongoing attack, thus allowing messages from customers or suppliers, for example, through. Otherwise, the IDSS checks a database of blocked addresses. When the incoming address is absent, the IDSS writes the address to the database of blocked addresses and instructs the protective equipment to block subsequent messages from the incoming address.
-
2.发明授权System, method and program to control access to virtual LAN via a switch 失效通过交换机控制对虚拟LAN的访问的系统,方法和程序公开(公告)号:US07936670B2
公开(公告)日:2011-05-03
申请号:US11733904
申请日:2007-04-11
IPC分类号: G06F21/20
CPC分类号: H04L12/4666 , H04L63/08 , H04L63/0876
摘要: System method and program for controlling access to a VLAN via a port of a VLAN switch system. In response to receipt of a message packet at the port, the switch system determines if a MAC address of the packet matches a MAC address for which the port has been programmed to recognize as a MAC address of a device authorized to communicate with the port. The MAC address of the packet does not match a MAC address for which the port has been programmed to recognize as a MAC address of a device authorized to communicate with the port. In response, the switch system blocks the packet if a rate of ill-formed packets and/or packets from an unrecognized MAC address exceeds a threshold pass rate. The threshold pass rate can be adjusted based on the rate of change of receipt of ill-formed packets and/or packets from an unrecognized MAC address.
摘要翻译: 用于通过VLAN交换机系统的端口控制对VLAN的访问的系统方法和程序。 响应于在端口处接收到消息分组,交换机系统确定分组的MAC地址是否与端口已经被编程的MAC地址匹配以被识别为被授权与端口通信的设备的MAC地址。 数据包的MAC地址与端口已被编程为识别为被授权与端口通信的设备的MAC地址的MAC地址不匹配。 作为响应,如果来自不可识别的MAC地址的不正确的分组和/或分组的速率超过阈值合格率,则交换机系统阻塞分组。 可以基于从不可识别的MAC地址接收到不合格的分组和/或分组的变化率来调整阈值合格率。
-
3.发明申请SYSTEM, METHOD AND PROGRAM TO CONTROL ACCESS TO VIRTUAL LAN VIA A SWITCH 失效通过开关控制对虚拟LAN的访问的系统,方法和程序公开(公告)号:US20080253380A1
公开(公告)日:2008-10-16
申请号:US11733904
申请日:2007-04-11
IPC分类号: H04L12/28
CPC分类号: H04L12/4666 , H04L63/08 , H04L63/0876
摘要: System method and program for controlling access to a VLAN via a port of a VLAN switch system. In response to receipt of a message packet at the port, the switch system determines if a MAC address of the packet matches a MAC address for which the port has been programmed to recognize as a MAC address of a device authorized to communicate with the port. The MAC address of the packet does not match a MAC address for which the port has been programmed to recognize as a MAC address of a device authorized to communicate with the port. In response, the switch system blocks the packet if a rate of ill-formed packets and/or packets from an unrecognized MAC address exceeds a threshold pass rate. The threshold pass rate can be adjusted based on the rate of change of receipt of ill-formed packets and/or packets from an unrecognized MAC address.
摘要翻译: 用于通过VLAN交换机系统的端口控制对VLAN的访问的系统方法和程序。 响应于在端口处接收到消息分组,交换机系统确定分组的MAC地址是否与端口已经被编程的MAC地址匹配以被识别为被授权与端口通信的设备的MAC地址。 数据包的MAC地址与端口已被编程为识别为被授权与端口通信的设备的MAC地址的MAC地址不匹配。 作为响应,如果来自不可识别的MAC地址的不正确的分组和/或分组的速率超过阈值合格率,则交换机系统阻塞分组。 可以基于从不可识别的MAC地址接收到不合格的分组和/或分组的变化率来调整阈值合格率。
-
-
搜索结果
3 条记录 (耗时 0.019 秒)
