Multiplex communications – Pathfinding or routing – Switching a message which includes an address header
Reexamination Certificate
2006-02-03
2009-11-03
Kumar, Pankaj (Department: 2419)
Multiplex communications
Pathfinding or routing
Switching a message which includes an address header
C370S392000, C370S349000, C370S351000, C726S011000, C726S004000, C726S017000, C726S021000, C709S228000, C709S229000
Reexamination Certificate
active
07613193
ABSTRACT:
A method for operating a firewall includes: in response to the firewall receiving a TCP SYN request packet that is sent towards a first node from a second node, the TCP SYN request packet comprising a sequence value (“seq”), sending to the second node a SYN|ACK packet, the SYN|ACK packet comprising a seq and an ack_sequence value (“ack_seq”), where ack_seq of the SYN|ACK packet is not equal to the TCP SYN request packet's seq+1; and in response to the firewall receiving a TCP RST packet from the second node, verifying that the seq in the TCP RST packet matches the ack_seq of the SYN|ACK packet and, if it does, designating the connection with the second node as an authorized connection.
REFERENCES:
patent: 7197639 (2007-03-01), Juels et al.
patent: 7234161 (2007-06-01), Maufer et al.
patent: 7398315 (2008-07-01), Atkinson et al.
patent: 2001/0042200 (2001-11-01), Lamberton et al.
patent: 2003/0179885 (2003-09-01), Gentry et al.
patent: 2004/0034773 (2004-02-01), Balabine et al.
patent: 2004/0062267 (2004-04-01), Minami et al.
patent: 2004/0131059 (2004-07-01), Ayyakad et al.
patent: 2005/0021999 (2005-01-01), Touitou et al.
patent: 2005/0027854 (2005-02-01), Boulanger et al.
patent: 2005/0240989 (2005-10-01), Kim et al.
patent: 2007/0044150 (2007-02-01), Dalal et al.
patent: 1379055 (2004-01-01), None
patent: WO-98/34384 (1998-08-01), None
patent: W0-03/050644 (2003-06-01), None
“RFC 793 Transmission Control Protocol”, published by information Sciences Institue on Sep. 1981. See whole document.
“More information on RST cookies” Clavister [Knowledge Base Article #1006], Published: Jun. 4, 2003, [on line] Internet: http://www.clavister.com/support/kb/10006/.
Chau, H., “Network Security—Defense Against DoS/DDoS Attacks”, Sep. 22, 2004, [on line] Internet: http://www.securitydocs.com/library/2576.
“3GPP2 Network Firewall Configuration and Control- Stage 1 Requirements”, Dec. 2004, 16 pages.
“The Design and Implementation of Network Puzzles”, Wu-chang Feng et al., Proceedings of INFOCOM 2005, Mar. 2005, 11 pages.
“SYN cookies”, D. J. Bernstein, (http://cr.yp.tosyncookies,html), 3 pages, Feb. 2006.
“Resisting SYN flood DoS attacks with a SYN cache”, Jonathan Lemon, Proceedings of USENIX BSDCon 2002, Feb. 2002, 9 pages.
“RFC793 Transmission Control Protocol”, DARPA Internet Program, Protocol Specification, Sep. 1981, pp. 1-85.
“RFC3220 IP Mobility Support for IPv4”, C. Perkins, (Ed.), Network Working Group, Jan. 2002, pp. 1-92.
Le Franck
Swami Yogesh P.
Berhane Yosief
Harrington & Smith PC
Kumar Pankaj
Nokia Corporation
LandOfFree
Apparatus, method and computer program product to reduce TCP... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Apparatus, method and computer program product to reduce TCP..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Apparatus, method and computer program product to reduce TCP... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4065706