公开(公告)号：CA2600517A1

公开(公告)日：2006-09-28

申请号：CA2600517

申请日：2006-02-21

Applicant: IBM

Inventor： RIORDAN JAMES F ,  RISSMANN RUDIGER ,  DUPONCHEL YANN ,  ZAMBONI DIEGO M

IPC: G06F21/00 ,  H04L29/06

Abstract: A method and apparatus are provided for detecting attacks on a data communication network. The apparatus includes a router with a mechanism for monitoring return messages addressed to an originating user system local to the router. The mechanism includes a message checker for identifying a return message of a specified nature and a rerouter for temporarily routing subsequent messages from the originating user system to the intrusion detection sensor.

公开(公告)号：DE602006012095D1

公开(公告)日：2010-03-18

申请号：DE602006012095

申请日：2006-12-12

Applicant: IBM

Inventor： DUPONCHEL YANN ,  RIORDAN JAMES F ,  RISSMANN RUEDIGER ,  ZAMBONI DIEGO M

IPC: H04L12/46

Abstract: The invention relates to a method for operating virtual networks. The method comprises providing a first virtual network comprising a first set of network ports assigned to a first virtualization tag (T1) and a second virtual network comprising a second set of network ports assigned to a second virtualization tag (T2), the first and the second virtual network having compatible address ranges and being adapted to only pass data packets within them, providing a first network node having a source address (SA) in the first virtual network and being operationally connected to a first port (P1) assigned to the first virtual network by means of the first virtualization tag (T1), monitoring the first network node in order to detect a predetermined condition, and, on detection of the predetermined condition, reassigning the first port (P1) to the second virtual network by means of assigning the second virtualization tag (T2) to the first port (P1), such that no data packet can be passed from the first network node (N1) to a second network node (N2) connected to a second port (P2) assigned to the first virtual network by means of the first virtualization tag (T1) directly and keeping of the source address (SA) for the first network node (N1) in the second virtual network (104). The invention further relates to a further method for operation virtual networks, a data network system and a computer program product adapted to perform the inventive methods.

公开(公告)号：AU2003280126A1

公开(公告)日：2005-01-21

申请号：AU2003280126

申请日：2003-11-20

Applicant: IBM

Inventor： RIORDAN JAMES F

IPC: H04L12/14 ,  H04L29/06 ,  H04L29/12 ,  G06F1/00

Abstract: Described is a technique for detecting attacks on a data communications network having a plurality of addresses for assignment to data processing systems in the network. The technique involves identifying data traffic on the network originating at any assigned address and addressed to any unassigned address. Any data traffic so identified is inspected for data indicative of an attack. On detection of data indicative of an attack, an alert signal is generated.

公开(公告)号：DE602006017668D1

公开(公告)日：2010-12-02

申请号：DE602006017668

申请日：2006-02-21

Applicant: IBM

Inventor： RISSMANN RUEDIGER ,  DUPONCHEL YANN ,  ZAMBONI DIEGO M ,  RIORDAN JAMES F

IPC: G06F1/00

公开(公告)号：AT456890T

公开(公告)日：2010-02-15

申请号：AT06832212

申请日：2006-12-12

Applicant: IBM

Inventor： DUPONCHEL YANN ,  RIORDAN JAMES F ,  RISSMANN RUEDIGER ,  ZAMBONI DIEGO M

IPC: H04L12/46

Abstract: The invention relates to a method for operating virtual networks. The method comprises providing a first virtual network comprising a first set of network ports assigned to a first virtualization tag (T1) and a second virtual network comprising a second set of network ports assigned to a second virtualization tag (T2), the first and the second virtual network having compatible address ranges and being adapted to only pass data packets within them, providing a first network node having a source address (SA) in the first virtual network and being operationally connected to a first port (P1) assigned to the first virtual network by means of the first virtualization tag (T1), monitoring the first network node in order to detect a predetermined condition, and, on detection of the predetermined condition, reassigning the first port (P1) to the second virtual network by means of assigning the second virtualization tag (T2) to the first port (P1), such that no data packet can be passed from the first network node (N1) to a second network node (N2) connected to a second port (P2) assigned to the first virtual network by means of the first virtualization tag (T1) directly and keeping of the source address (SA) for the first network node (N1) in the second virtual network (104). The invention further relates to a further method for operation virtual networks, a data network system and a computer program product adapted to perform the inventive methods.

公开(公告)号：DE60135449D1

公开(公告)日：2008-10-02

申请号：DE60135449

申请日：2001-06-14

Applicant: IBM

Inventor： ALESSANDRI DOMINIQUE ,  RIORDAN JAMES F ,  WESPI ANDREAS

IPC: H04L29/06 ,  G06F21/55 ,  H04L9/10

公开(公告)号：AT406026T

公开(公告)日：2008-09-15

申请号：AT01810577

申请日：2001-06-14

Applicant: IBM

Inventor： ALESSANDRI DOMINIQUE ,  RIORDAN JAMES F ,  WESPI ANDREAS

IPC: H04L29/06 ,  G06F21/55 ,  H04L9/10

公开(公告)号：AU2003280190A1

公开(公告)日：2005-01-21

申请号：AU2003280190

申请日：2003-11-24

Applicant: IBM

Inventor： JULISCH KLAUS ,  RIORDAN JAMES F

IPC: H04L12/14 ,  H04L29/06 ,  H04L29/12

Abstract: Described is a technique for detecting attacks on a data communications network having a plurality of addresses for assignment to data processing systems in the network. The technique involves identifying data traffic on the network originating at any assigned address and addressed to any unassigned address. Any data traffic so identified is inspected for data indicative of an attack. On detection of data indicative of an attack, an alert signal is generated.