METHOD AND APPARATUS FOR DETECTING PORT SCANS WITH FAKE SOURCE ADDRESS

    Publication No.: CA2672528C

    Publication Date: 2013-06-25

    Application No.: CA2672528

    Application Date: 2008-04-16

    Applicant: IBM

    Abstract: A computer implemented method, apparatus, and computer program product for port scan protection. A reply data packet having a modified transmission control protocol header is generated to form a modified reply data packet, in response to detecting a port scan. The modified reply data packet will elicit a response from a recipient of the modified data packet. The reply data packet is sent to a first Internet protocol address associated with the port scan. A second Internet protocol address is identified from a header of the response to the modified reply data packet. The second Internet protocol address is an actual Internet protocol address of a source of the port scan. All network traffic from the second Internet protocol address may be blocked to prevent an attack on any open ports from the source of the port scan.

    DISTRIBUTED FILESYSTEM NETWORK SECURITY EXTENSION

    Publication No.: CA2525249C

    Publication Date: 2011-03-29

    Application No.: CA2525249

    Application Date: 2004-04-15

    Applicant: IBM

    Abstract: A security protocol that dynamically implements enhanced mount security of a filesystem when access to sensitive files on a networked filesystem is requested. When the user of a client system attempts to access a specially-tagged sensitive file, the server hosting the filesystem executes a software code that terminates the current mount and reconfigures the server ports to accept a re-mount from the client via a more secure port. The server-reconfigured server port is provided the IP address of the client and matches the IP address during the re-mount operation. The switch to a secure mount is completed in a seamless manner so that authorized users are allowed to access sensitive files without bogging down the server with costly encryption and other resource-intensive security features. No significant delay is experienced by the user, while the sensitive file is shielded from unauthorized capture during transmission to the client system.

    CUT OBJECT DYNAMIC DISPLAY AND METHOD OF DISPLAYING CUT OBJECTS

    Publication No.: MY126373A

    Publication Date: 2006-09-29

    Application No.: MYPI9705306

    Application Date: 1997-11-07

    Applicant: IBM

    Abstract: A dynamic buffer (210, 212) is used to display an object (206) from a document (200). The cut object is visible to the user as the floating cursor (202) is positioned to a desired insertion point. The cut object can be any combination of text, graphics or data. The display can move in conjunction with the floating cursor or be parked at a predetermined or user-selected position. The cut object can be abbreviated to fit the display, or the display can be sized or scrolled. Once an object has been cut and thus stored in the dynamic buffer, it can be edited, or pasted to a new location or merely deleted. (Fig. 2)

    36.
    Invention patent
    Unknown

    Publication No.: DE60208810T2

    Publication Date: 2006-08-31

    Application No.: DE60208810

    Application Date: 2002-10-28

    Applicant: IBM

    Abstract: Apparatus for eavesdropping within an area layer adjacent to and surrounding a LAN area periphery for potential wireless transmissions of an intruder having a lower frequency within a level below the LAN frequency; and an implementation responsive to said eavesdropping apparatus for changing the encryption code of said encrypted wireless transmission upon the eavesdropping detection of a wireless transmission of said lower frequency addressed to a network location of one of the terminals in said LAN.

    37.
    Invention patent
    Unknown

    Publication No.: AT316313T

    Publication Date: 2006-02-15

    Application No.: AT02772566

    Application Date: 2002-10-28

    Applicant: IBM

    Abstract: Apparatus for eavesdropping within an area layer adjacent to and surrounding a LAN area periphery for potential wireless transmissions of an intruder having a lower frequency within a level below the LAN frequency; and an implementation responsive to said eavesdropping apparatus for changing the encryption code of said encrypted wireless transmission upon the eavesdropping detection of a wireless transmission of said lower frequency addressed to a network location of one of the terminals in said LAN.

    38.
    Invention patent
    Unknown

    Publication No.: DE69718259D1

    Publication Date: 2003-02-13

    Application No.: DE69718259

    Application Date: 1997-08-19

    Applicant: IBM

    Abstract: An apparatus, method, and memory direct a computer system, having at least a processor, memory, and touchscreen device (e.g., a touchscreen or a touchpad and display device) to execute at least one action on an object and/or text. The method includes detecting at least one item (e.g., fingers, stylus) placed on the touchscreen device, counting the number of items placed on the touchscreen device, determining if an associated action corresponds to the numbers of items and, if an associated action corresponds to the number of items, executing the associated action.

    METHOD AND SYSTEM FOR SUPPORTING MULTIPLE OPERATING SYSTEMS ON THE SAME DISK RUNNING ON DIFFERENT COMPUTERS AT THE SAME TIME

    Publication No.: CA2332084A1

    Publication Date: 2001-08-17

    Application No.: CA2332084

    Application Date: 2001-01-23

    Applicant: IBM

    Abstract: A method and system for running, on different computers at the same time, multiple operating systems from the same shared system resource is provided. This is accomplished, for example, by using persistent elemental disk reservations. Each machine reads the master boot record without reservation to determine the partition of the operating system to be booted. Each machine then makes an elemental exclusive write persistent reservation for accessing the operating system boot partition. This is followed by each machine making another elemental exclusive write persistent reservation for accessing the operating system partition itself. Each machine is assigned a different operating system partition even if they are running the same operating system. The unique reservation key for these reservations is created from at least one of a Processor ID, a Cluster ID, a Multiple Processor partition ID, a Non-Uniform Memory Access complex ID, and/or a Non-Uniform Memory Access node ID.

    Method and system for algorithm-based address-evading network snoop avoider

    Publication No.: GB2356765A

    Publication Date: 2001-05-30

    Application No.: GB0019673

    Application Date: 2000-08-11

    Applicant: IBM

    Abstract: A method and system for an algorithm-based network snoop avoider is provided. A first data processing system and a second data processing system communicate on a physical network by transmitting data packets on the network using a virtual private network (VPN). Data packets are transmitted through a first VPN tunnel between the first data processing system with a first network address terminating a first end of the VPN tunnel and the second data processing system with a second network address terminating a second end of the first VPN tunnel. The VPN is automatically reconfigured to use alternate addresses on the network for the tunnel endpoints by automatically determining, in accordance with a predetermined algorithm, a third network address and a fourth network address and by automatically assigning the third network address to the first data processing system and the fourth network address to the second data processing system. Data packets may then be transmitted through a second VPN tunnel in which a first end of the second VPN tunnel is terminated by the first data processing system using the third network address and a second end of the second VPN tunnel is terminated by the second data processing system using the fourth network address. The data packets may be transmitted using Internet Protocol (IP), and a portion of the network may include the Internet.
