US2005235359A1PendingUtilityA1
Method for resisting a denial-of-service attack of a private network element
Est. expiryFeb 6, 2016(expired)· nominal 20-yr term from priority
H04L 63/02H04L 63/083H04L 63/18H04L 63/1458H04L 63/0807H04L 9/40H04L 63/0227G06Q 20/027H04L 63/0281H04L 63/0263H04L 69/16
51
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
Methods and apparatus for resisting a denial-of-service attack of a private network element are disclosed. In one embodiment, a network device is configured to receive a packet destined for a private network element over an IP-compliant network. A proxy is assigned to examine the packet based on the destination port of the packet. The proxy agent then determines whether the packet is suspect and should be discarded. If the packet is suspect, it is discarded without shutting down said port.
Claims
exact text as granted — not AI-modified1 . A method for resisting a denial-of-service attack of a private network element comprising:
receiving a packet destined for a private network element over an IP-compliant network; assigning a proxy agent operable within a firewall to examine said packet based on the destination port of said packet; determining, by said proxy agent, whether said packet is suspect and should be discarded; and if said packet is suspect, then discarding said packet without shutting down said port.
2 . The method of claim 1 , wherein said act of determining whether said packet is suspect further comprises comparing the source address of said packet against a list of addresses.
3 . The method of claim 2 , further comprising the act of performing additional verification checks on suspect addresses.
4 . The method of claim 3 , further comprising the act of performing additional verification based on the suspect packet's port designation.
5 . The method of claim 1 , further comprising the act of maintaining a transaction log containing information regarding said incoming packets.
6 . A firewall device for resisting a denial-of-service attack of a private network element comprising:
a firewall operatively disposed between a private network element and an IP-compliant network; the firewall device configured to receive a packet destined for a private network element over an IP-compliant network and assign a proxy agent operable within said firewall to examine said packet based on the destination port of said packet; and wherein the proxy agent is configured to discard suspect packets without shutting down said port.
7 . The firewall device of claim 6 , wherein said proxy agent is further configured to determine whether said packet is suspect by comparing the source address of said packet against a list of addresses.
8 . The firewall device of claim 7 , wherein said proxy agent is further configured to perform additional verification checks on suspect addresses.
9 . The firewall device of claim 8 , wherein said proxy agent is further configured to perform additional verification based on the suspect packet's port designation.
10 . The firewall device of claim 6 , wherein said firewall device is further configured to maintain a transaction log containing information regarding said incoming access request packets.
11 . A firewall apparatus for resisting a denial-of-service attack of a private network element comprising:
means for receiving a packet destined for a private network element over an IP-compliant network; means for assigning a proxy agent operable within a firewall to examine said packet based on the destination port of said packet; means for determining whether said packet is suspect and should be discarded; and means for discarding said packet without shutting down said port if said packet is suspect.
12 . The apparatus of claim 11 , further comprising means for comparing the source address of said packet against a list of addresses.
13 . The apparatus of claim 12 , further comprising means for performing additional verification checks on suspect addresses.
14 . The apparatus of claim 13 , further comprising means for performing additional verification based on the suspect packet's port designation.
15 . The apparatus of claim 11 , further comprising means for maintaining a transaction log containing information regarding said incoming access request packets.
16 . A computer-readable device containing a set of computer instructions for performing a method for resisting a denial-of-service attack of a private network element, the method comprising:
receiving a packet destined for a private network element over an IP-compliant network; assigning a proxy agent operable within a firewall to examine said packet based on the destination port of said packet; determining, by said proxy agent, whether said packet is suspect and should be discarded; and if said packet is suspect, then discarding said packet without shutting down said port.
17 . The device of claim 16 , wherein said act of determining whether said packet is suspect further comprises comparing the source address of said packet against a list of addresses.
18 . The device of claim 17 , further comprising the act of performing additional verification checks on suspect addresses.
19 . The device of claim 18 , further comprising the act of performing additional verification based on the suspect packet's port designation.
20 . The device of claim 16 , further comprising the act of maintaining a transaction log containing information regarding said incoming access request packets.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.