公开(公告)号：JP2001273209A

公开(公告)日：2001-10-05

申请号：JP2001026784

申请日：2001-02-02

Applicant: IBM

Inventor： ATTWOOD KIRA STERLING ,  OVERBY JR LINWOOD HUGH ,  SUN CHIEN EN

IPC: G06F13/00 ,  H04L29/06 ,  H04L29/12

Abstract: PROBLEM TO BE SOLVED: To provide a method for preventing the overload of a server and the predictive function stop of the server caused by the flood of a connection request generated by an intended attack or the like. SOLUTION: In response to the request of a connection with a designated port from a host, the number of connections with ports assigned to the host is confirmed. When this number exceeds a first threshold, the request is refused. When invalidation is allowed by a service quality parameter related to the host, this refusal can be invalidated. When the number of connections usable for the ports is less than a second threshold, the connection request is refused on any conditions.

公开(公告)号：JP2001265678A

公开(公告)日：2001-09-28

申请号：JP2001026567

申请日：2001-02-02

Applicant: IBM

Inventor： ATTWOOD KIRA STERLING ,  OVERBY JR LINWOOD HUGH ,  SUN CHIEN EN

IPC: G06F13/00 ,  G06F15/00 ,  H04L12/56 ,  H04L29/06

Abstract: PROBLEM TO BE SOLVED: To provide a method for preventing the overload of a server and the projected function stoppage of the server due to the flood of connectionless datagrams caused by an intentional attack or the like. SOLUTION: The number of the datagrams from a host already standing by in the queue of a port is obtained in response to the datagram from the host to a specified port. In the case that the number exceeds a first threshold, the datagram is abandoned. In a suitable execution example, the threshold is obtained by multiplying the number of usable queue slots remaining in the port with a ratio P.

公开(公告)号：DE10101616C2

公开(公告)日：2003-07-31

申请号：DE10101616

申请日：2001-01-16

Applicant: IBM

Inventor： ATTWOOD KIRA STERLING ,  OVERBY JUN LINWOOD HUGH ,  SUN CHIEN EN

IPC: G06F13/00 ,  G06F15/00 ,  H04L12/56 ,  H04L29/06 ,  G06F15/173

Abstract: A server is prevented from being overloaded and possibly brought down by flooding with connectionless datagrams caused by an intentional attack. In response to a datagram from a host for a specific connection, the number of datagrams is detected, which have already been put by the host in a queue for the connection. If this number goes over an initial threshold value, the datagram is rejected.

公开(公告)号：GB2363951B

公开(公告)日：2003-07-09

申请号：GB0101192

申请日：2001-01-17

Applicant: IBM

Inventor： ATTWOOD KIRA STERLING ,  OVERBY JR LINWOOD HUGH ,  SUN CHIEN-EN

IPC: H04L29/06 ,  G06F13/00 ,  H04L29/12

Abstract: The invention prevents server overload and possible server crippling due to a flooding of connect requests caused by intentional attack or otherwise. In response to a connection request from a host for a specified port, the number of connections to the port that are assigned to the host are determined. If this number exceeds a first threshold, the request is denied. It is possible to override this denial if a quality of service parameter pertaining to the host permits such an override. However, if the number of available connections to the port is less than a second threshold, the connection request is denied in any event.

公开(公告)号：GB2363951A

公开(公告)日：2002-01-09

申请号：GB0101192

申请日：2001-01-17

Applicant: IBM

Inventor： ATTWOOD KIRA STERLING ,  OVERBY JR LINWOOD HUGH ,  SUN CHIEN-EN

IPC: H04L29/06 ,  G06F13/00 ,  H04L29/12

Abstract: The invention prevents server overload and possible server crippling due to a flooding of connect requests caused by intentional attack or otherwise. In response to a connection request from a host for a specified port, the number of connections to the port that are assigned to the host are determined. If this number exceeds a first threshold, the request is denied. It is possible to override this denial if a quality of service parameter pertaining to the host permits such an override. However, if the number of available connections to the port is less than a second threshold, the connection request is denied in any event.

公开(公告)号：DE10101616A1

公开(公告)日：2001-08-30

申请号：DE10101616

申请日：2001-01-16

Applicant: IBM

Inventor： ATTWOOD KIRA STERLING ,  OVERBY JUN LINWOOD HUGH ,  SUN CHIEN EN

IPC: G06F13/00 ,  G06F15/00 ,  H04L12/56 ,  H04L29/06 ,  G06F15/173

Abstract: A server is prevented from being overloaded and possibly brought down by flooding with connectionless datagrams caused by an intentional attack. In response to a datagram from a host for a specific connection, the number of datagrams is detected, which have already been put by the host in a queue for the connection. If this number goes over an initial threshold value, the datagram is rejected.