Reexamination Certificate
2004-08-20
2009-12-15
Pich, Ponnoreay (Department: 2435)
Information security
Monitoring or scanning of software or data including attack...
C726S024000, C709S223000
active
07634808
ABSTRACT:
Parameters of DNS transactions associated with DNS MX record queries, which may be performed by mass-mailing worms from a host computer system, are detected at a DNS proxy and collected. An outbound SMTP transaction, such as an e-mail message, received at an SMTP proxy is stalled at the SMTP proxy and a determination is made whether malicious code activity is detected on the host computer system by correlating the parameters associated with the DNS MX record queries and the e-mail message. In one embodiment, above a specified threshold rate of DNS MX record queries to resolve SMTP server IP addresses, followed by the use of a resolved SMTP server IP address to send the e-mail message, an assumption is made that the e-mail message is generated by a worm, such as a mass-mailing worm, and protective action is taken thus preventing propagation of the worm, or other malicious code, via the outbound e-mail message.
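The correlation described in the abstract, sketched as an added example (not code from the patent or from Symantec): a DNS-proxy hook records each host's MX queries, and an SMTP-proxy hook decides what to do with a stalled message. The class and function names, the threshold of 5 queries per 60 seconds, and the sample events are assumptions; the abstract only speaks of "a specified threshold rate".

```python
from collections import defaultdict, deque

class MxSmtpCorrelator:
    """Correlates per-host DNS MX lookups with outbound SMTP connections."""

    def __init__(self, max_mx_queries=5, window_seconds=60.0):
        # Assumed values: the abstract does not give a concrete threshold.
        self.max_mx_queries = max_mx_queries
        self.window_seconds = window_seconds
        self._queries = defaultdict(deque)  # host -> (time, resolved SMTP IPs)

    def _expire(self, host, now):
        # Drop MX queries that have aged out of the sliding window.
        q = self._queries[host]
        while q and now - q[0][0] > self.window_seconds:
            q.popleft()
        return q

    def record_mx_query(self, host, now, resolved_ips):
        """DNS proxy hook: one call per MX query made by `host`."""
        self._expire(host, now).append((now, frozenset(resolved_ips)))

    def check_smtp(self, host, now, dest_ip):
        """SMTP proxy hook, called while the message is stalled."""
        q = self._expire(host, now)
        over_rate = len(q) > self.max_mx_queries
        used_resolved_ip = any(dest_ip in ips for _, ips in q)
        # Both conditions must hold: a high MX query rate AND delivery
        # to a server address that one of those queries resolved.
        return "block" if over_rate and used_resolved_ip else "release"

def replay(events, **kwargs):
    """Feed (kind, host, time, data) events through a fresh correlator."""
    c = MxSmtpCorrelator(**kwargs)
    verdicts = []
    for kind, host, t, data in events:
        if kind == "mx":
            c.record_mx_query(host, t, data)
        else:
            verdicts.append((host, data, c.check_smtp(host, t, data)))
    return verdicts

# Constructed sample events using documentation IP ranges.
SAMPLE = (
    [("mx", "10.0.0.5", float(i), [f"203.0.113.{i}"]) for i in range(8)]
    + [("smtp", "10.0.0.5", 8.0, "203.0.113.7"),     # burst, resolved IP used
       ("smtp", "10.0.0.5", 9.0, "192.0.2.25"),      # burst, but fixed relay
       ("mx", "10.0.0.9", 1.0, ["198.51.100.25"]),
       ("smtp", "10.0.0.9", 2.0, "198.51.100.25"),   # single lookup, normal
       ("smtp", "10.0.0.5", 200.0, "203.0.113.7")]   # window has expired
)
```

A host that sends through a fixed relay is released even during a burst of MX lookups, because the destination address was never one of the resolved SMTP servers.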
REFERENCES:
patent: 6434600 (2002-08-01), Waite et al.
patent: 6886099 (2005-04-01), Smithson et al.
patent: 6920501 (2005-07-01), Chu et al.
patent: 6941348 (2005-09-01), Petry et al.
patent: 6986037 (2006-01-01), Assmann
patent: 7130401 (2006-10-01), Rampey et al.
patent: 7334262 (2008-02-01), Szor
patent: 7380277 (2008-05-01), Szor
patent: 2002/0073233 (2002-06-01), Gross et al.
patent: 2002/0174185 (2002-11-01), Rawat et al.
patent: 2003/0172264 (2003-09-01), Dillon
patent: 2003/0177395 (2003-09-01), Pardee et al.
patent: 2003/0177396 (2003-09-01), Bartlett et al.
patent: 2004/0015726 (2004-01-01), Szor
patent: 2004/0236999 (2004-11-01), Bezuidenhout
patent: 2005/0166268 (2005-07-01), Szor
patent: 2006/0036690 (2006-02-01), O'Neil
Perriot Frederic
Szor Peter
Gunnison McKay & Hodgson, L.L.P.
Hodgson Serge J.
Pich Ponnoreay
Symantec Corporation
Method and apparatus to block fast-spreading computer worms...