Multiplex communications – Pathfinding or routing – Switching a message which includes an address header
Reexamination Certificate
2006-11-20
2009-12-15
Ton, Dang T (Department: 2419)
Multiplex communications
Pathfinding or routing
Switching a message which includes an address header
C370S389000, C710S062000
Reexamination Certificate
active
07633944
ABSTRACT:
Techniques are described for managing timeouts of filter criteria in a packet flow capture applications. The techniques allow for handling large amounts of timeouts used when monitoring a high volume of packet flows, without placing extreme demands on the operating system for managing the timeouts. The timeout data structure may be a circular array having a plurality of elements. The timeout array represents a span of time and the elements represent sequential units of time. Each element contains one or more pointers. The pointer may point to an entry in the filter table, or may be a null pointer. A timer thread periodically checks the timeout array to determine whether any timeouts occur at the current time. The timer thread checks the element of the array corresponding to the current time by computing an index into the array based on the current time.
REFERENCES:
patent: 3962681 (1976-06-01), Requa et al.
patent: 4032899 (1977-06-01), Jenny et al.
patent: 4600319 (1986-07-01), Everett, Jr.
patent: 5408539 (1995-04-01), Finlay et al.
patent: 5490252 (1996-02-01), Macera et al.
patent: 5509123 (1996-04-01), Dobbins et al.
patent: 5568471 (1996-10-01), Hershey et al.
patent: 6011795 (2000-01-01), Varghese et al.
patent: 6018765 (2000-01-01), Durana et al.
patent: 6148335 (2000-11-01), Haggard et al.
patent: 6182146 (2001-01-01), Graham-Cumming, Jr.
patent: 6321338 (2001-11-01), Porras et al.
patent: 6392996 (2002-05-01), Hjalmtysson
patent: 6499088 (2002-12-01), Wexler et al.
patent: 6501752 (2002-12-01), Kung et al.
patent: 6563796 (2003-05-01), Saito
patent: 6594268 (2003-07-01), Aukia et al.
patent: 6598034 (2003-07-01), Kloth
patent: 6735201 (2004-05-01), Mahajan et al.
patent: 6751663 (2004-06-01), Farrell et al.
patent: 6826713 (2004-11-01), Beesley et al.
patent: 6889181 (2005-05-01), Kerr et al.
patent: 6983294 (2006-01-01), Jones et al.
patent: 6985956 (2006-01-01), Luke et al.
patent: 7120931 (2006-10-01), Cheriton
patent: 7139242 (2006-11-01), Bays
patent: 7231459 (2007-06-01), Saraph
patent: 7386108 (2008-06-01), Zave et al.
patent: 2002/0163932 (2002-11-01), Fischer et al.
patent: 2003/0120769 (2003-06-01), McCollom et al.
patent: 2003/0214913 (2003-11-01), Kan et al.
patent: 2007/0016702 (2007-01-01), Pione et al.
patent: 2007/0058558 (2007-03-01), Cheung et al.
patent: WO 98/36532 (1998-08-01), None
patent: WO 02/084920 (2002-10-01), None
“The CAIDA Web Site,” www.caida.org/, 2002, 1 pg.
“About Endace,” www.endace.com/, 2002, 1 pg.
“Cisco IOS NetFlow,” www.cisco.com/warp/public/732/Tech
mp
etflow/index.shtml, 2002, 1 pg.
Weaver, A.C. et al., “A Real-Time Monitor for Token Ring Networks,” Military Communications Conference, 1989, MILCOM '89, Oct. 1989, vol. 3, pp. 794-798.
Dini, P. et al., “Performance Evaluation for Distributed System Components,” Proceedings of IEEE Second International Workshop on Systems Management, Jun. 1996, pp. 20-29.
Integrated Services Adapter, 2000, Cisco Systems, Data Sheet, pp. 1-6, http://www.cisco.com/warp/public/cc/pd/ifaa/svaa/iasvaa/prodlit/ism2—ds.pdf.
“Well-Known TCP Port Number,” www.webopedia.com, 2004, 3 pgs.
“TCP Packet Field Descriptions,” 2003, www.ipanalyser.co.uk, Analyser Sales Ltd., Copyright 2003, 2 pages.
Michael Egan, “Decomposition of a TCP Packet,” www.passwall.com, 3 pages, Aug. 7, 2000.
Mark Gibbs, “A Guide to Original SYN,” www.nwfusion.com, Network World, Nov. 2000, 4 pages.
“Sample TCP/IP Packet,” www.passwall.com, Version 0.0.0 @ 03:55/08.07.2000, Copyright 2002, 6 pages.
D.J. Bernstein, “SYN Cookies,” http://cr.yp.to/syncookies.html, Oct. 2003, 3 pages.
Jonathan Lemon, “Resisting SYN Flood DoS Attacks with a SYN Cache,” http://people.freebsd.org/˜jlemon/papers/syncache.pdf, 9 pages.
Stuart Staniford, et al., “Practical Automated Detection of Stealthy Portscans,” http://downloads.securityfocus.com/library/spice-ccs2000.pdf, 16 pages.
U.S. Appl. No. 10/188,567, entitled “Adaptive Network Flow Analysis,” filed Jul. 2, 2002, Scott Mackie.
U.S. Appl. No. 10/228,150, entitled “Network Device Having Accounting Service Card,” filed Aug. 26, 2002, Woo et al.
U.S. Appl. No. 10/228,132, entitled “Adaptive Network Router,” filed Aug. 26, 2002, Woo et al.
U.S. Appl. No. 10/228,114, entitled “Network Router Having Integrated Flow Accounting and Packet Interception,” filed Aug. 26, 2002, Woo et al.
U.S. Appl. No. 10/241,785, entitled “Rate-Controlled Transmission of Traffic Flow Information,” filed Sep. 10, 2002, Sandeep Jain.
U.S. Appl. No. 10/839,187, entitled “Port Scanning Mitigation Within A Network,” filed May 5, 2004, Michael Freed et al.
PCI Technology Overview, Feb. 2003, www.cs.unc.edu/Research/stc/FAQs/pci-overview.pdf, 22 pgs.
Apte Manoj
Chang Szelap Philip
Deenadayalan Saravanan
Juniper Networks, Inc.
Shumaker & Sieffert P.A.
Ton Dang T
Zhao Wei
LandOfFree
Managing timeouts for dynamic flow capture and monitoring of... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Managing timeouts for dynamic flow capture and monitoring of..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Managing timeouts for dynamic flow capture and monitoring of... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4132355