-
1.发明申请SYSTEM AND METHOD FOR TESTING NETWORK FIREWALL USING FINE GRANULARITY MEASUREMENTS 有权使用精细粒度测量来测试网络防火墙的系统和方法公开(公告)号:US20070124813A1
公开(公告)日:2007-05-31
申请号:US11557751
申请日:2006-11-08
CPC分类号: H04L63/029 , H04L12/2697 , H04L29/06027 , H04L29/06625 , H04L43/50 , H04L65/1006
摘要: A device verifies whether signaled pinholes in a Session Initiation Protocol (SIP)-based perimeter protection device are open, calculates a fine granularity pinhole opening delay of the SIP-based perimeter protection device, and calculates a fine granularity pinhole closing delay of the SIP-based perimeter protection device.
摘要翻译: 设备验证基于会话发起协议(SIP)的周边保护设备中信令的针孔是否打开,计算出SIP周边保护设备的精细粒度针孔延迟,并计算出SIP- 基于周边的保护装置。
-
公开(公告)号:US20070147380A1
公开(公告)日:2007-06-28
申请号:US11557703
申请日:2006-11-08
IPC分类号: H04L12/56
CPC分类号: H04L63/0263 , H04L29/06027 , H04L63/029 , H04L65/1006
摘要: A method may include receiving a first packet; determining, in a first processor, whether the first packet meets a criterion to be forwarded to a destination indicated in the first packet; receiving a second packet; determining whether the second packet is of a type for changing the criterion and sending the second packet to a second processor if the second packets is of the type for changing the criterion; receiving instructions, based on the second packet sent to the second processor, to change the criterion; and changing the criterion.
摘要翻译: 一种方法可以包括:接收第一分组; 在第一处理器中确定所述第一分组是否满足要转发到所述第一分组中指示的目的地的标准; 接收第二个分组; 如果所述第二分组是用于改变所述标准的类型,则确定所述第二分组是否是用于改变所述标准的类型并将所述第二分组发送到第二处理器; 基于发送到第二处理器的第二分组接收指令来改变标准; 并改变标准。
-
3.发明授权System and method for testing network firewall using fine granularity measurements 有权使用细粒度测量测试网络防火墙的系统和方法公开(公告)号:US09374342B2
公开(公告)日:2016-06-21
申请号:US11557751
申请日:2006-11-08
CPC分类号: H04L63/029 , H04L12/2697 , H04L29/06027 , H04L29/06625 , H04L43/50 , H04L65/1006
摘要: A device may verify whether pinholes in a perimeter protection device are open and may determine pinhole opening and closing delays. The method for determining the pinhole opening delay may include sending a stream of packets for passing through the pinhole in the network perimeter protection device. The packets in the stream may be sent at known time intervals. The method may include receiving one or more of the packets in the stream, wherein the received packets passed through the pinhole. The pinhole opening delay may be based on an indication of the position of the first one of the packets received in the stream and the known time intervals. The pinhole closing delay may be based on the number of packets having passed through the pinhole, after sending a session termination message, and the known time intervals.
摘要翻译: 设备可以验证周边保护设备中的针孔是否打开,并且可以确定针孔打开和关闭延迟。 用于确定针孔打开延迟的方法可以包括发送用于通过网络周边保护装置中的针孔的分组流。 流中的分组可以以已知的时间间隔发送。 该方法可以包括接收流中的一个或多个分组,其中所接收的分组通过针孔。 针孔打开延迟可以基于在流中接收的第一个分组的位置和已知的时间间隔的指示。 针孔关闭延迟可以基于通过针孔的分组的数量,在发送会话终止消息之后,以及已知的时间间隔。
-
4.发明申请SYSTEM AND METHOD FOR TESTING NETWORK FIREWALL FOR DENIAL-OF-SERVICE (DOS) DETECTION AND PREVENTION IN SIGNALING CHANNEL 失效用于测试网络防火墙的系统和方法(DOS)在信号通道中的检测和预防公开(公告)号:US20090006841A1
公开(公告)日:2009-01-01
申请号:US11771502
申请日:2007-06-29
CPC分类号: H04L63/1458 , H04L63/08 , H04L65/1006 , H04L65/1079 , H04L2463/141
摘要: A device may measure a first performance, associated with legitimate traffic without attack traffic, of a Session Initiation Protocol (SIP)-based protection device implementing authentication; measure a second performance, associated with legitimate traffic and attack traffic, of the SIP-based protection device implementing authentication; and measure a third performance, associated with legitimate traffic and attack traffic, of the SIP-based protection device implementing authentication and return routability filtering. The device may also measure a first performance associated with legitimate traffic of a Session Initiation Protocol (SIP)-based protection device implementing rate-limiting filtering; measure a second performance associated with legitimate traffic and attack traffic of the SIP-based protection device implementing scheme filtering; and measure a third performance associated with legitimate traffic of the SIP-based protection device not implementing rate-limiting filtering without attack traffic.
摘要翻译: 设备可以测量基于会话发起协议(SIP)的保护设备实现认证的与没有攻击流量的合法流量相关联的第一性能; 测量实施认证的基于SIP的保护设备的与合法流量和攻击流量相关联的第二性能; 并测量基于SIP的保护设备实现认证和返回可路由性过滤的与合法流量和攻击流量相关联的第三个性能。 设备还可以测量与基于会话发起协议(SIP)的保护设备的合法流量相关联的第一性能,其实现速率限制过滤; 测量与实施方案过滤的基于SIP的保护设备的合法流量和攻击流量相关联的第二性能; 并且测量与基于SIP的保护设备的合法流量相关联的第三性能,而不进行没有攻击流量的速率限制过滤。
-
5.发明申请SYSTEM AND METHOD FOR TESTING NETWORK FIREWALL FOR DENIAL-OF-SERVICE (DOS) DETECTION AND PREVENTION IN SIGNALING CHANNEL 有权用于测试网络防火墙的系统和方法(DOS)在信号通道中的检测和预防公开(公告)号:US20120137357A1
公开(公告)日:2012-05-31
申请号:US13368858
申请日:2012-02-08
IPC分类号: G06F21/00
CPC分类号: H04L63/1458 , H04L63/08 , H04L65/1006 , H04L65/1079 , H04L2463/141
摘要: A device may measure a first performance, associated with legitimate traffic without attack traffic, of a Session Initiation Protocol (SIP)-based protection device implementing authentication; measure a second performance, associated with legitimate traffic and attack traffic, of the SIP-based protection device implementing authentication; and measure a third performance, associated with legitimate traffic and attack traffic, of the SIP-based protection device implementing authentication and return routability filtering. The device may also measure a first performance associated with legitimate traffic of a Session Initiation Protocol (SIP)-based protection device implementing rate-limiting filtering; measure a second performance associated with legitimate traffic and attack traffic of the SIP-based protection device implementing scheme filtering; and measure a third performance associated with legitimate traffic of the SIP-based protection device not implementing rate-limiting filtering without attack traffic.
摘要翻译: 设备可以测量基于会话发起协议(SIP)的保护设备实现认证的与没有攻击流量的合法流量相关联的第一性能; 测量实施认证的基于SIP的保护设备的与合法流量和攻击流量相关联的第二性能; 并测量基于SIP的保护设备实现认证和返回可路由性过滤的与合法流量和攻击流量相关联的第三个性能。 设备还可以测量与基于会话发起协议(SIP)的保护设备的合法流量相关联的第一性能,其实现速率限制过滤; 测量与实施方案过滤的基于SIP的保护设备的合法流量和攻击流量相关联的第二性能; 并且测量与基于SIP的保护设备的合法流量相关联的第三性能,而不进行没有攻击流量的速率限制过滤。
-
公开(公告)号:US20120008624A1
公开(公告)日:2012-01-12
申请号:US13239986
申请日:2011-09-22
IPC分类号: H04L12/56
CPC分类号: H04L63/0263 , H04L29/06027 , H04L63/029 , H04L65/1006
摘要: A method may include receiving a first packet; determining, in a first processor, whether the first packet meets a criterion to be forwarded to a destination indicated in the first packet; receiving a second packet; determining whether the second packet is of a type for changing the criterion and sending the second packet to a second processor if the second packets is of the type for changing the criterion; receiving instructions, based on the second packet sent to the second processor, to change the criterion; and changing the criterion.
摘要翻译: 一种方法可以包括:接收第一分组; 在第一处理器中确定所述第一分组是否满足要转发到所述第一分组中指示的目的地的标准; 接收第二个分组; 如果所述第二分组是用于改变所述标准的类型,则确定所述第二分组是否是用于改变所述标准的类型并将所述第二分组发送到第二处理器; 基于发送到第二处理器的第二分组接收指令来改变标准; 并改变标准。
-
7.发明授权System and method for testing network firewall for denial-of-service (DOS) detection and prevention in signaling channel 失效用于测试网络防火墙在信令通道中的拒绝服务(DOS)检测和预防的系统和方法公开(公告)号:US08302186B2
公开(公告)日:2012-10-30
申请号:US11771502
申请日:2007-06-29
CPC分类号: H04L63/1458 , H04L63/08 , H04L65/1006 , H04L65/1079 , H04L2463/141
摘要: A device may measure a first performance, associated with legitimate traffic without attack traffic, of a Session Initiation Protocol (SIP)-based protection device implementing authentication; measure a second performance, associated with legitimate traffic and attack traffic, of the SIP-based protection device implementing authentication; and measure a third performance, associated with legitimate traffic and attack traffic, of the SIP-based protection device implementing authentication and return routability filtering. The device may also measure a first performance associated with legitimate traffic of a Session Initiation Protocol (SIP)-based protection device implementing rate-limiting filtering; measure a second performance associated with legitimate traffic and attack traffic of the SIP-based protection device implementing scheme filtering; and measure a third performance associated with legitimate traffic of the SIP-based protection device not implementing rate-limiting filtering without attack traffic.
摘要翻译: 设备可以测量基于会话发起协议(SIP)的保护设备实现认证的与没有攻击流量的合法流量相关联的第一性能; 测量实施认证的基于SIP的保护设备的与合法流量和攻击流量相关联的第二性能; 并测量基于SIP的保护设备实现认证和返回可路由性过滤的与合法流量和攻击流量相关联的第三个性能。 设备还可以测量与基于会话发起协议(SIP)的保护设备的合法流量相关联的第一性能,其实现速率限制过滤; 测量与实施方案过滤的基于SIP的保护设备的合法流量和攻击流量相关联的第二性能; 并且测量与基于SIP的保护设备的合法流量相关联的第三性能,而不进行没有攻击流量的速率限制过滤。
-
公开(公告)号:US09077685B2
公开(公告)日:2015-07-07
申请号:US13239986
申请日:2011-09-22
CPC分类号: H04L63/0263 , H04L29/06027 , H04L63/029 , H04L65/1006
摘要: A method may include receiving a first packet; determining, in a first processor, whether the first packet meets a criterion to be forwarded to a destination indicated in the first packet; receiving a second packet; determining whether the second packet is of a type for changing the criterion and sending the second packet to a second processor if the second packets is of the type for changing the criterion; receiving instructions, based on the second packet sent to the second processor, to change the criterion; and changing the criterion.
摘要翻译: 一种方法可以包括:接收第一分组; 在第一处理器中确定所述第一分组是否满足要转发到所述第一分组中指示的目的地的标准; 接收第二个分组; 如果所述第二分组是用于改变所述标准的类型,则确定所述第二分组是否是用于改变所述标准的类型并将所述第二分组发送到第二处理器; 基于发送到第二处理器的第二分组接收指令来改变标准; 并改变标准。
-
9.发明授权System and method for testing network firewall for denial-of-service (DoS) detection and prevention in signaling channel 有权信令通道中拒绝服务(DoS)检测和防范网络防火墙的系统和方法公开(公告)号:US08635693B2
公开(公告)日:2014-01-21
申请号:US13368858
申请日:2012-02-08
CPC分类号: H04L63/1458 , H04L63/08 , H04L65/1006 , H04L65/1079 , H04L2463/141
摘要: A device may measure a first performance, associated with legitimate traffic without attack traffic, of a Session Initiation Protocol (SIP)-based protection device implementing authentication; measure a second performance, associated with legitimate traffic and attack traffic, of the SIP-based protection device implementing authentication; and measure a third performance, associated with legitimate traffic and attack traffic, of the SIP-based protection device implementing authentication and return routability filtering. The device may also measure a first performance associated with legitimate traffic of a Session Initiation Protocol (SIP)-based protection device implementing rate-limiting filtering; measure a second performance associated with legitimate traffic and attack traffic of the SIP-based protection device implementing scheme filtering; and measure a third performance associated with legitimate traffic of the SIP-based protection device not implementing rate-limiting filtering without attack traffic.
摘要翻译: 设备可以测量基于会话发起协议(SIP)的保护设备实现认证的与没有攻击流量的合法流量相关联的第一性能; 测量实施认证的基于SIP的保护设备的与合法流量和攻击流量相关联的第二性能; 并测量基于SIP的保护设备实现认证和返回可路由性过滤的与合法流量和攻击流量相关联的第三个性能。 设备还可以测量与基于会话发起协议(SIP)的保护设备的合法流量相关联的第一性能,其实现速率限制过滤; 测量与实施方案过滤的基于SIP的保护设备的合法流量和攻击流量相关联的第二性能; 并且测量与基于SIP的保护设备的合法流量相关联的第三性能,而不进行没有攻击流量的速率限制过滤。
-
10.发明授权Prevention of denial of service (DoS) attacks on session initiation protocol (SIP)-based systems using return routability check filtering 有权使用返回路由检查过滤来防止对基于会话发起协议(SIP)的系统的拒绝服务(DoS)攻击公开(公告)号:US08966619B2
公开(公告)日:2015-02-24
申请号:US11557740
申请日:2006-11-08
IPC分类号: H04L29/06
CPC分类号: H04L63/1458 , H04L63/08 , H04L63/1408 , H04L63/1416 , H04L63/1441 , H04L63/145 , H04L63/1466 , H04L2463/141
摘要: A device receives an attack on a Session Initiation Protocol (SIP)-based device, determines a type of the attack, and applies, based on the determined type of the attack, a return routability check filter to the attack.
摘要翻译: 设备接收对基于会话发起协议(SIP)的设备的攻击,确定攻击的类型,并根据确定的攻击类型应用攻击的返回可路由性检查过滤器。
-
-
-
-
-
-
-
-
-
搜索结果
12 条记录 (耗时 0.025 秒)
