-
公开(公告)号:US07134012B2
公开(公告)日:2006-11-07
申请号:US09930351
申请日:2001-08-15
申请人: Ronald P. Doyle , John R. Hind , Thomas Narten , Marcia L. Peters
发明人: Ronald P. Doyle , John R. Hind , Thomas Narten , Marcia L. Peters
CPC分类号: H04L63/1466 , H04L29/12009 , H04L29/12018 , H04L29/12783 , H04L61/10 , H04L61/35
摘要: Methods, systems and computer program products are provided for determining if a packet has a spoofed source Internet Protocol (IP) address. A source media access control (MAC) address of the packet and the source IP address are evaluated to determine if the source IP address of the packet has been bound to the source MAC address at a source device of the packet. The packet is determined to have a spoofed source IP address if the evaluation indicates that the source IP address is not bound to the source MAC address. Such an evaluation may be made for packets having a subnet of the source IP address which matches a subnet from which the packet originated.
-
公开(公告)号:US07058718B2
公开(公告)日:2006-06-06
申请号:US10050021
申请日:2002-01-15
IPC分类号: G06F15/173
CPC分类号: H04L63/12 , H04L63/1458 , H04L69/16 , H04L69/163
摘要: A method of producing a blended SYN cookie can include identifying within a SYN packet a source network address and desired communications session parameters. Subsequently, an index value into a table of pre-configured sets of communications session parameters can be retrieved. Notably, the index value can reference one of the sets which approximates the desired communications parameters. A hash value can be computed based upon the source network address, a constant seed and current date and time data. Finally, the computed hash value can be combined with the index value, the combination forming the blended SYN cookie.
-
搜索结果
2 条记录 (耗时 0.021 秒)
