-
1.发明授权System and method for an adaptive TCP SYN cookie with time validation 有权具有时间验证的自适应TCP SYN cookie的系统和方法公开(公告)号:US07675854B2
公开(公告)日:2010-03-09
申请号:US11358245
申请日:2006-02-21
申请人: Lee Chen , Ronald Wai Lun Szeto , Shih-Tsung Hwang
发明人: Lee Chen , Ronald Wai Lun Szeto , Shih-Tsung Hwang
IPC分类号: G01R31/08
CPC分类号: H04L47/10 , H04L63/1458
摘要: Provided is a method and system for TCP SYN cookie validation. The method includes receiving a session SYN packet by a TCP session setup module of a host server, generating a transition cookie including a time value representing the actual time, sending a session SYN/ACK packet, including the transition cookie, in response to the received session SYN packet, receiving a session ACK packet, and determining whether a candidate transition cookie in the received session ACK packet comprises a time value representing a time within a predetermined time interval from the time the session ACK packet is received.
摘要翻译: 提供了一种用于TCP SYN cookie验证的方法和系统。 所述方法包括:通过主机服务器的TCP会话建立模块接收会话SYN分组,生成包含表示实际时间的时间值的转换cookie,响应于接收到的发送包括转换cookie的会话SYN / ACK分组 会话SYN分组,接收会话ACK分组,以及确定接收到的会话ACK分组中的候选转移cookie是否包括表示从接收到会话ACK分组的时间起的预定时间间隔内的时间的时间值。
-
2.再颁专利System and method for an adaptive TCP SYN cookie with time validation 有权具有时间验证的自适应TCP SYN cookie的系统和方法公开(公告)号:USRE44701E1
公开(公告)日:2014-01-14
申请号:US13413191
申请日:2012-03-06
申请人: Lee Chen , Ronald Wai Lun Szeto , Shih-Tsung Hwang
发明人: Lee Chen , Ronald Wai Lun Szeto , Shih-Tsung Hwang
CPC分类号: H04L47/10 , H04L63/1458
摘要: Provided is a method and system for TCP SYN cookie validation. The method includes receiving a session SYN packet by a TCP session setup module of a host server, generating a transition cookie including a time value representing the actual time, sending a session SYN/ACK packet, including the transition cookie, in response to the received session SYN packet, receiving a session ACK packet, and determining whether a candidate transition cookie in the received session ACK packet comprises a time value representing a time within a predetermined time interval from the time the session ACK packet is received.
摘要翻译: 提供了一种用于TCP SYN cookie验证的方法和系统。 所述方法包括:通过主机服务器的TCP会话建立模块接收会话SYN分组,生成包含表示实际时间的时间值的转换cookie,响应于接收到的发送包括转换cookie的会话SYN / ACK分组 会话SYN分组,接收会话ACK分组,以及确定接收到的会话ACK分组中的候选转移cookie是否包括表示从接收到会话ACK分组的时间起的预定时间间隔内的时间的时间值。
-
公开(公告)号:US20070283429A1
公开(公告)日:2007-12-06
申请号:US11442774
申请日:2006-05-30
申请人: Lee Chen , Ronald Wai Lun Szeto , Shih-Tsung Hwang
发明人: Lee Chen , Ronald Wai Lun Szeto , Shih-Tsung Hwang
IPC分类号: G06F15/16
CPC分类号: H04L63/0254 , H04L63/1458
摘要: In a computer communication network including a firewall which protects a secured host against attack from outside computers, the host communicating with an outside computer, through the firewall, via data packets which include byte sequence numbers. In a communication between the host and computer in which one of them acts as a source and the other as a destination for the communication, a sequence number offset is derived by the firewall which characterizes the byte sequence number received from the source and the byte sequence number the firewall will provide to the destination for that communication. In a communication received from the source, the firewall adds the offset to byte sequence numbers in a packet passing between the source and destination, in order to determine the byte sequence numbers it will provide to the destination. Thus, proper sequence numbers can be provided to both locations, without the firewall having to restructure packets. This speeds communication between the source and destination and substantially reduces the commitment of processing and storage resources.
摘要翻译: 在包括保护安全主机免受外部计算机攻击的防火墙的计算机通信网络中,主机通过防火墙通过包括字节序列号的数据分组与外部计算机进行通信。 在主机和计算机之间的通信中,其中一个作为源,另一个作为通信的目的地,由防火墙导出序列号偏移,其表征从源接收的字节序列号和字节序列 防火墙将提供给该通信的目的地的号码。 在从源接收的通信中,防火墙将偏移量添加到源和目的地之间的数据包中的字节序列号,以确定其将提供给目标的字节序列号。 因此,可以向两个位置提供适当的序列号,而防火墙不必重新组织数据包。 这加快了源和目的地之间的通信,并大大减少了处理和存储资源的承诺。
-
4.发明申请System and method for an adaptive TCP SYN cookie with time validation 有权具有时间验证的自适应TCP SYN cookie的系统和方法公开(公告)号:US20070195792A1
公开(公告)日:2007-08-23
申请号:US11358245
申请日:2006-02-21
申请人: Lee Chen , Ronald Szeto , Shih-Tsung Hwang
发明人: Lee Chen , Ronald Szeto , Shih-Tsung Hwang
IPC分类号: H04L12/56
CPC分类号: H04L47/10 , H04L63/1458
摘要: Provided is a method and system for TCP SYN cookie validation. The method includes receiving a session SYN packet by a TCP session setup module of a host server, generating a transition cookie including a time value representing the actual time, sending a session SYN/ACK packet, including the transition cookie, in response to the received session SYN packet, receiving a session ACK packet, and determining whether a candidate transition cookie in the received session ACK packet comprises a time value representing a time within a predetermined time interval from the time the session ACK packet is received.
摘要翻译: 提供了一种用于TCP SYN cookie验证的方法和系统。 所述方法包括:通过主机服务器的TCP会话建立模块接收会话SYN分组,生成包含表示实际时间的时间值的转换cookie,响应于接收到的发送包括转换cookie的会话SYN / ACK分组 会话SYN分组,接收会话ACK分组,以及确定接收到的会话ACK分组中的候选转移cookie是否包括表示从接收到会话ACK分组的时间起的预定时间间隔内的时间的时间值。
-
5.发明授权System for host accessing local memory by asserting address signal corresponding to host adapter and data signal indicating address of location in local memory 失效通过断言与主机适配器相对应的地址信号和指示本地存储器中位置的地址的数据信号来主机访问本地存储器的系统
公开(公告)号:US5734924A
公开(公告)日:1998-03-31
申请号:US111192
申请日:1993-08-27
申请人: Yu-Ping Cheng , Ta-Lin Chang , Shih-Tsung Hwang
发明人: Yu-Ping Cheng , Ta-Lin Chang , Shih-Tsung Hwang
CPC分类号: G06F13/385 , G06F13/126
摘要: A host adapter contains a RISC processor, a local memory, and a memory management unit that permits the RISC processor and a host computer system to access a local memory. The host computer system writes command descriptions directly into the local RAM. The RISC processor retrieves and processes the command descriptions. The local RAM may be divided into numbered command description blocks having a fixed size and format. In standard bus protocols, such as SCSI-2, block numbers are used as tag messages. Such tag messages allow the host adapter to quickly identify information used when an SCSI I/O request is resumed. The command description blocks may be linked into lists, including an active list containing command description blocks that are ready for the RISC processor and a free list containing command description blocks that are available for use by the host computer.
摘要翻译: 主机适配器包含RISC处理器,本地存储器以及允许RISC处理器和主机系统访问本地存储器的存储器管理单元。 主机系统将命令描述直接写入本地RAM。 RISC处理器检索和处理命令描述。 本地RAM可以被划分为具有固定大小和格式的编号命令描述块。 在标准总线协议(如SCSI-2)中,块号用作标签消息。 这样的标签消息允许主机适配器快速识别恢复SCSI I / O请求时所使用的信息。 命令描述块可以链接到列表中,包括包含用于RISC处理器的命令描述块的活动列表和包含可供主计算机使用的命令描述块的空闲列表。
-
公开(公告)号:US5561813A
公开(公告)日:1996-10-01
申请号:US111191
申请日:1993-08-27
申请人: Shih-Tsung Hwang
发明人: Shih-Tsung Hwang
CPC分类号: G06F12/0669
摘要: An input/output port address selection circuit for a device that couples to a local bus of a computer operates in two modes. In a first mode, the I/O port address is maintained as the last I/O port address saved. In the second mode, the selection circuit changes the I/O port address and saves the change when the circuit is reset. A computer user resolves I/O port address conflicts by placing the selection circuit in the second mode then resetting the system until the conflict is resolved and the system works properly. The selection circuit is then placed and left in the first mode so that the non-conflicting address is reused. Non-volatile memory, an electrically erasable-programmable read-only memory, is used for saving an index which indicates the last I/O port address set. The non-volatile memory is changed when the selection circuit is operated in the second mode.
摘要翻译: 耦合到计算机的本地总线的设备的输入/输出端口地址选择电路以两种模式操作。 在第一种模式下,I / O端口地址将保存为最后一个I / O端口地址。 在第二种模式下,选择电路改变I / O端口地址,并在电路复位时保存更改。 计算机用户通过将选择电路置于第二模式来解决I / O端口地址冲突,然后重置系统,直到冲突解决并且系统正常工作。 然后将选择电路放置在第一模式中,使得不冲突的地址被重复使用。 非易失性存储器(电可擦除可编程只读存储器)用于保存指示最后一个I / O端口地址集的索引。 当在第二模式中操作选择电路时,非易失性存储器被改变。
-
-
-
-
-
搜索结果
6 条记录 (耗时 0.023 秒)
