Enhancing ephemeral port allocation
    1.
    Invention application
    Enhancing ephemeral port allocation (under examination, published)

    Publication number: US20050265252A1

    Publication date: 2005-12-01

    Application number: US10855730

    Filing date: 2004-05-27

    IPC classification: H04L12/24 H04L12/28

    CPC classification: H04L41/08 H04L43/022

    Abstract: Methods, systems, and media to sub-divide an ephemeral port range and allocate ports from the sub-divided ephemeral port ranges to facilitate communication with another destination, or target, application are contemplated. Embodiments involve a client computer system having one or more source applications. Embodiments also include hardware and/or software for categorizing transactions based upon characteristics of the transactions. Such categories correspond to categories with which sub-divisions of ephemeral port numbers are assigned. After a transaction is associated with a category, a port number is selected from a pool of available port numbers in a sub-division of ephemeral port numbers assigned to that category. In many embodiments, an initial configuration is implemented via a configuration file at the startup of the client computer system. In further embodiments, assignments of ephemeral port numbers to the categories of transactions are dynamically adjusted based upon, e.g., actual usage of the port numbers.


    Administering requests for data communications connections in a wide area network that includes a plurality of networks
    2.
    Invention application
    Administering requests for data communications connections in a wide area network that includes a plurality of networks (granted)

    Publication number: US20060268874A1

    Publication date: 2006-11-30

    Application number: US11122609

    Filing date: 2005-05-05

    IPC classification: H04L12/56

    Abstract: Methods, system, and products are disclosed for administering requests for data communications connections in a wide area network that include receiving, according to a data communications protocol, by a receiver from a sender, a request for a data communications connection, wherein the sender has a network address on a sender's network and the receiver has a network address on a receiver's network; characterizing the sender as local with respect to the receiver's network if the sender's network is the receiver's network; characterizing the sender as remote with respect to the receiver's network if the sender's network is not the receiver's network; and responding to the request in dependence upon a value of a location response flag and in dependence upon the characterization of the sender's network with respect to the receiver's network.


    System and method of responding to a full TCP queue
    3.
    Invention application
    System and method of responding to a full TCP queue (under examination, published)

    Publication number: US20060282537A1

    Publication date: 2006-12-14

    Application number: US11149184

    Filing date: 2005-06-09

    IPC classification: G06F15/16

    Abstract: A system and method of responding to a full TCP queue. After a server receives a TCP connection request from a client, the server places the request on an embryonic queue of TCP connection requests sorted by the amount of elapsed time since the server has responded to each respective TCP connection request. When the server attempts to place a new TCP connection request on a full embryonic queue, the host, via the TCP protocol, will remove the entry at the end of the embryonic queue. The last entry, due to the high timer value, is more likely to have performed unsuccessful attempts at completing a connection.


    System and method of responding to a flood attack on a data processing system
    5.
    Invention application
    System and method of responding to a flood attack on a data processing system (under examination, published)

    Publication number: US20060282508A1

    Publication date: 2006-12-14

    Application number: US11149185

    Filing date: 2005-06-09

    IPC classification: G06F15/16

    CPC classification: H04L63/1458

    Abstract: A system and method of responding to a flood attack on a data processing system is disclosed. The present invention mitigates the effects of SYN attacks with false IP addresses by immediately removing the associated embryonic connection from the system upon receiving notification that the IP address in the original SYN request is false. Immediate removal of the connection request will mitigate the effects of the flood attack by not requiring the system to devote resources to servicing a connection request from a false IP address, which could result in denial of service for legitimate clients.


    Methods and devices for processing incomplete data packets
    6.
    Invention application
    Methods and devices for processing incomplete data packets (granted)

    Publication number: US20070168545A1

    Publication date: 2007-07-19

    Application number: US11334658

    Filing date: 2006-01-18

    IPC classification: G06F15/16

    Abstract: A computer implemented method, apparatus, and computer usable program code for processing data packets. A set of data fragments are received at the data processing system to form a set of received data fragments. Assembly of the set of data fragments is initiated into a data packet, and a determination is made as to whether the data packet is an incomplete data packet. Responsive to a determination that the data packet is an incomplete data packet, the incomplete data packet is filled with at least one character to form a final data packet. The final data packet is forwarded to the target.


    Reservation of TCP/UDP ports using UID, GID or process name
    8.
    Invention application
    Reservation of TCP/UDP ports using UID, GID or process name (granted)

    Publication number: US20050044227A1

    Publication date: 2005-02-24

    Application number: US10636983

    Filing date: 2003-08-07

    Abstract: A method for enhancing port allocation procedures in a computer network by reserving specific ports to particular users and processes. Access protocols for ports are modified to enable a system administrator to define/pre-select particular users and processes that may access the specific ports. A table structure is provided with the list of users and processes with bind authority for the particular port. When a bind request is received the ID of the user or process is confirmed against those within the table of the requested port. Bind access is provided only when the user ID or process ID matches one that is within the table. The port is allocated to the user/program until the user/process is complete, and other requests for access to the port are ignored until final completion of the ongoing process, even when a temporary disconnect of the port occurs.
