METHOD AND APPARATUS FOR DETECTING PORT SCANS WITH FAKE SOURCE ADDRESS

    Publication No.: CA2672528C

    Publication date: 2013-06-25

    Application No.: CA2672528

    Filing date: 2008-04-16

    Applicant: IBM

    Abstract: A computer implemented method, apparatus, and computer program product for port scan protection. A reply data packet having a modified transmission control protocol header is generated to form a modified reply data packet, in response to detecting a port scan. The modified reply data packet will elicit a response from a recipient of the modified data packet. The reply data packet is sent to a first Internet protocol address associated with the port scan. A second Internet protocol address is identified from a header of the response to the modified reply data packet. The second Internet protocol address is an actual Internet protocol address of a source of the port scan. All network traffic from the second Internet protocol address may be blocked to prevent an attack on any open ports from the source of the port scan.

    DISTRIBUTED FILESYSTEM NETWORK SECURITY EXTENSION

    Publication No.: CA2525249C

    Publication date: 2011-03-29

    Application No.: CA2525249

    Filing date: 2004-04-15

    Applicant: IBM

    Abstract: A security protocol that dynamically implements enhanced mount security of a filesystem when access to sensitive files on a networked filesystem is requested. When the user of a client system attempts to access a specially-tagged sensitive file, the server hosting the filesystem executes a software code that terminates the current mount and reconfigures the server ports to accept a re-mount from the client via a more secure port. The server reconfigured server port is provided the IP address of the client and matches the IP address during the re-mount operation. The switch to a secure mount is completed in a seamless manner so that authorized users are allowed to access sensitive files without bogging down the server with costly encryption and other resource-intensive security features. No significant delay is experienced by the user, while the sensitive file is shielded from unauthorized capture during transmission to the client system.

    LOGICAL PARTITION MEDIA ACCESS CONTROL IMPOSTOR DETECTOR

    Publication No.: CA2783394C

    Publication date: 2019-03-05

    Application No.: CA2783394

    Filing date: 2010-12-08

    Applicant: IBM

    Abstract: Provided are techniques to enable a virtual input/output server (VIOS) to establish cryptographically secure signals with target LPARs to detect an imposter or spoofing LPAR. The secure signal, or "heartbeat," may be configured as an Internet Key Exchange/Internet Protocol Security (IKE/IPSec) encapsulated packet (ESP) connection or tunnel. Within the tunnel, the VIOS pings each target LPAR and, if a heartbeat is interrupted, the VIOS makes a determination as to whether the tunnel is broken, the corresponding LPAR is down or a media access control (MAC) spoofing attack is occurring. The determination is made by sending a heartbeat that is designed to fail unless the heartbeat is received by a spoofing device.

    ROUTER DETECTION
    Invention patent

    Publication No.: CA2698317C

    Publication date: 2017-02-28

    Application No.: CA2698317

    Filing date: 2008-09-22

    Applicant: IBM

    Abstract: A computer implemented method, data processing system, and computer program product for discovering an unauthorized router in a network. The process in the illustrative embodiments first obtains a physical address of a suspected router or destination device. A data packet is created which comprises at least a destination media access control field, a destination internet protocol field, and a time-to-live field, wherein the destination media access control field comprises the physical address of the destination device, wherein the destination internet protocol field comprises a bogus internet protocol address, and wherein the time-to-live field comprises a value indicating the data packet has exceeded a time limit. The data packet is sent to the destination device using the physical address in the destination media access control field. If a time exceeded message is received from the destination device, the destination device is determined to be enabled for routing.

    METHOD AND APPARATUS FOR DETECTING PORT SCANS WITH FAKE SOURCE ADDRESS.

    Publication No.: MX2009011403A

    Publication date: 2009-11-05

    Application No.: MX2009011403

    Filing date: 2008-04-16

    Applicant: IBM

    Abstract: A computer-implemented method, apparatus, and computer product for port scan protection are described. A reply data packet having a modified transmission control protocol header is generated to form a modified reply data packet in response to the detection of a port scan. The modified reply data packet will produce some response from a recipient of the modified data packet. The reply data packet is sent to a first Internet protocol address associated with the port scan. A second Internet protocol address is identified from a header of the response to the modified reply data packet. The second Internet protocol address is an Internet protocol address of a source of the port scan. All network traffic from the second Internet protocol address may be blocked to prevent an attack on any open ports from the source of the port scan.

    Invention patent
    Unknown

    Publication No.: AT339733T

    Publication date: 2006-10-15

    Application No.: AT04727590

    Filing date: 2004-04-15

    Applicant: IBM

    Abstract: A security protocol that dynamically implements enhanced mount security of a filesystem when access to sensitive files on a networked filesystem is requested. When the user of a client system attempts to access a specially-tagged sensitive file, the server hosting the filesystem executes a software code that terminates the current mount and re-configures the server ports to accept a re-mount from the client via a more secure port. The server re-configured server port is provided the IP address of the client and matches the IP address during the re-mount operation. The switch to a secure mount is completed in a seamless manner so that authorized users are allowed to access sensitive files without bogging down the server with costly encryption and other resource-intensive security features. No significant delay is experienced by the user, while the sensitive file is shielded from un-authorized capture during transmission to the client system.

    Assistive technology (AT) responsive to cognitive states

    Publication No.: DE102016204714A1

    Publication date: 2016-09-29

    Application No.: DE102016204714

    Filing date: 2016-03-22

    Applicant: IBM

    Abstract: A method for providing guidance in connection with a technical task includes determining, from an interaction of an end user with a computer system, a current context and a current task of the end user; detecting a change in a cognitive state of the end user, wherein the change in the cognitive state is related to performing the task using the computer system; searching a plurality of user experiences that correspond to the change in the cognitive state of the end user and to the current context of the user; selecting at least one of the user experiences according to a selection parameter in order to determine a selected user experience; and injecting the selected user experience into the current context of the end user by means of an output unit of the computer system.

    Invention patent
    Unknown

    Publication No.: BRPI0809841A2

    Publication date: 2014-09-23

    Application No.: BRPI0809841

    Filing date: 2008-04-16

    Applicant: IBM

    Abstract: A computer implemented method, apparatus, and computer program product for port scan protection. A reply data packet having a modified transmission control protocol header is generated to form a modified reply data packet, in response to detecting a port scan. The modified reply data packet will elicit a response from a recipient of the modified data packet. The reply data packet is sent to a first Internet protocol address associated with the port scan. A second Internet protocol address is identified from a header of the response to the modified reply data packet. The second Internet protocol address is an actual Internet protocol address of a source of the port scan. All network traffic from the second Internet protocol address may be blocked to prevent an attack on any open ports from the source of the port scan.
