Invention Grant
US07650635B2 Method and apparatus for preventing network attacks by authenticating internet control message protocol packets
有权
通过认证互联网控制消息协议包来防止网络攻击的方法和装置
- Patent Title: Method and apparatus for preventing network attacks by authenticating internet control message protocol packets
- Patent Title (中): 通过认证互联网控制消息协议包来防止网络攻击的方法和装置
-
Application No.: US10820980Application Date: 2004-04-07
-
Publication No.: US07650635B2Publication Date: 2010-01-19
- Inventor: Amol Khare , Mitesh Dalal , Anantha Ramaiah , Sharad Ahlawat
- Applicant: Amol Khare , Mitesh Dalal , Anantha Ramaiah , Sharad Ahlawat
- Applicant Address: US CA San Jose
- Assignee: Cisco Technology, Inc.
- Current Assignee: Cisco Technology, Inc.
- Current Assignee Address: US CA San Jose
- Agency: Hickman Palermo Truong & Becker LLP
- Main IPC: G06F9/00
- IPC: G06F9/00 ; G06F15/16 ; G06F17/00 ; G06F12/00 ; G06F12/14 ; G06F13/00 ; G06F12/16 ; G11C11/00 ; G08B23/00 ; G06F15/173
Abstract:
A method of preventing an attack on a network, the method comprising the computer-implemented steps of receiving an ICMP packet that includes a copy of a header associated with a connection in a connection-oriented transport protocol; obtaining a packet sequence value from the header; determining if the packet sequence value is valid; and updating a parameter value associated with the transport protocol connection only if the packet sequence value is determined to be valid. Use of the disclosed method enables authenticating ICMP packets so that responsive measures of a network element, such as adjusting an MTU value, are performed only when the ICMP packet is determined to be authentic.
Public/Granted literature
Information query
