Electrical computers and digital processing systems: multicomput – Computer-to-computer session/connection establishing
Reexamination Certificate
2005-12-06
2005-12-06
Prieto, Beatriz (Department: 2142)
Electrical computers and digital processing systems: multicomput
Computer-to-computer session/connection establishing
C713S151000, C713S171000
Reexamination Certificate
active
06973496
ABSTRACT:
In a preferred embodiment of the invention, a network client inserts a validation key into the SEQ and ACK fields of a TCP connection request (TCP-SYN). The TCP connection request is sent to a validating server. The validating server extracts the validation key and uses it, with other implicit and explicit data contained within the TCP connection request to validate the connection establishment request. If the connection request is validated, the validating server responds with a TCP-SYN/ACK as described in the TCP protocol specification. If the TCP connection request is denied, the request is discarded and nothing is sent back to the requestor, in this case the network client. When an internet port scanner sends a TCP connection request to a validating network server without the proper key, the request is silently discarded or “black-holed.” This makes the validating server appear to the Internet port scanner to not exist. The validating server has completely concealed itself from unauthorized and unvalidated connections.
REFERENCES:
patent: 5835726 (1998-11-01), Shwed et al.
patent: 5941988 (1999-08-01), Bhagwat et al.
patent: 5958053 (1999-09-01), Denker
patent: 5978849 (1999-11-01), Khanna
patent: 6061341 (2000-05-01), Andersson et al.
patent: 6115393 (2000-09-01), Engel et al.
patent: 6182226 (2001-01-01), Reid et al.
patent: 6247060 (2001-06-01), Boucher et al.
patent: 6327626 (2001-12-01), Schroeder et al.
patent: 6341129 (2002-01-01), Schroeder et al.
patent: 6564267 (2003-05-01), Lindsay
patent: 6570849 (2003-05-01), Skemer et al.
patent: 6625657 (2003-09-01), Bullard
patent: 6826684 (2004-11-01), Fink et al.
patent: 2001/0009014 (2001-07-01), Savage et al.
patent: 2001/0034847 (2001-10-01), Gaul, Jr.
patent: 2001/0042200 (2001-11-01), Lamberton et al.
patent: 2001/0047474 (2001-11-01), Takagi et al.
patent: 2002/0035681 (2002-03-01), Maturana et al.
patent: WO 99/31855 (1999-06-01), None
Thomas, Michael; “Bindling Updates Security”; community.roxen.com; draft-thomas-mobileip-bu-sec-00.txt; Cisco Systems, Nov. 2, 2001.
Bellovin, Steven M.; “Probable Plaintext Cryptanalysis of IPSEC”; AT&T Labs Research, Feb. 2, 1997; pp. 1-11.
Stevens, W. Richard; (TCP/IP Illustrated: the protocols, vol. 1): Addison Wesley, 1994; pp. 225-227.
RFC 793, “RFC 793: Transmission Control Protocol”; DARPA Internet Program Protocol Specification; Information Sciences Institute, University of Souther California; Sep. 1981; pp. 1-85.
Kent et al.; “RFC 2406: IP Encapsulating Security Payload (ESP)”; Network Working Group; Nov. 1998; pp. 1-22.
Thayer et al.; “RFC 2411: IP Security Document Roadmap”; Network Working Group; Nov. 1998; pp. 1-11.
Archduke Holdings, Inc.
Giaccherini Thomas N.
Meucci Michael D.
Prieto Beatriz
LandOfFree
Concealing a network connected device does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Concealing a network connected device, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Concealing a network connected device will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3475760