Invention Grant
- Patent Title: Apparatus and method for detecting tiny fragment attacks
- Patent Title (中): 用于检测微小碎片攻击的装置和方法
-
Application No.: US10383128Application Date: 2003-03-06
-
Publication No.: US08296452B2Publication Date: 2012-10-23
- Inventor: Kenneth M. Rose , Venkateshwar R. Pullela , David S. Walker , Kevin C. Wong , Kaichuan He , Yu Kwong Ng
- Applicant: Kenneth M. Rose , Venkateshwar R. Pullela , David S. Walker , Kevin C. Wong , Kaichuan He , Yu Kwong Ng
- Applicant Address: US CA San Jose
- Assignee: Cisco Technology, Inc.
- Current Assignee: Cisco Technology, Inc.
- Current Assignee Address: US CA San Jose
- Agency: Campbell Stephenson LLP
- Main IPC: G06F15/16
- IPC: G06F15/16
Abstract:
Disclosed is a method and apparatus for checking link layer protocol frames such as Ethernet frames. The method can be implemented on a processor executing software instructions stored in memory. In one embodiment of the invention, the method includes receiving an Ethernet frame, and counting data bytes of the Ethernet frame to generate a total number of counted bytes. The total number of counted bytes can be used to calculate a data length of a datagram of the Ethernet frame. Once calculated, the datagram data length can be compared to a predetermined value. If the datagram length does not fall within an acceptable range of the predetermined value, the Ethernet frame may be dropped so that the Ethernet frame does not reach its final destination.
Public/Granted literature
- US20040205228A1 Apparatus and method for detecting tiny fragment attacks Public/Granted day:2004-10-14
Information query
