摘要:
To prevent system crashes, as by denial-of-service attacks, of TCP/IP (Transmission Control Protocol/Internet Protocol) networks, this invention regulates the volume of TCP connection requests that await service at a TCP/IP connection control table. For this purpose, the usage of the system is monitored on a dynamic basis, the time-out value Tho is dynamically computed, and requests that have been awaiting service for a period of time that exceeds Tho are removed from the TCP/IP connection control table.
摘要:
An embodiment of the invention provides a method for sending a data object to an endpoint, wherein rules are added to the data object with a processor. The rules include a requisite endpoint attribute and/or a requisite user attribute of the endpoint, and wherein the requisite user attribute of the endpoint includes an approved role. The data object is sent to the endpoint with a communications module; and a rule-analyzing module determines whether the endpoint satisfies the rules. If the endpoint satisfies a threshold number of rules, the data object is received, stored in a memory device, and/or displayed on a display at the endpoint. The processor changes at least one of the rules after a threshold period of time that the data object is created, sent, and/or received.
摘要:
An embodiment of the invention provides a method for sending a data object to an endpoint, wherein rules are added to the data object with a processor. The rules include a requisite endpoint attribute and/or a requisite user attribute of the endpoint, and wherein the requisite user attribute of the endpoint includes an approved role. The data object is sent to the endpoint with a communications module; and a rule-analyzing module determines whether the endpoint satisfies the rules. If the endpoint satisfies a threshold number of rules, the data object is received, stored in a memory device, and/or displayed on a display at the endpoint. The processor changes at least one of the rules after a threshold period of time that the data object is created, sent, and/or received.
摘要:
A system comprising a network resource server or a server farm formed by a plurality of computer systems and a network processor which transfers data exchanged with an external network supported by the server farm at a data rate substantially the same as the data flow rate of the network and related method. The network processor protects the network resource server against attacks such as a denial of service attack by monitoring data flow, computing a derivative of the data flow over time to determine the rate of change of data flow, and modifying instructions for the discarding of packets in response to rates of change which are outside predetermined boundaries.