Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2006-11-07
2006-11-07
Louis-Jacques, Jacques (Department: 2134)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C370S395540, C713S152000
Reexamination Certificate
active
07134012
ABSTRACT:
Methods, systems and computer program products are provided for determining if a packet has a spoofed source Internet Protocol (IP) address. A source media access control (MAC) address of the packet and the source IP address are evaluated to determine if the source IP address of the packet has been bound to the source MAC address at a source device of the packet. The packet is determined to have a spoofed source IP address if the evaluation indicates that the source IP address is not bound to the source MAC address. Such an evaluation may be made for packets having a subnet of the source IP address which matches a subnet from which the packet originated.
REFERENCES:
patent: 5757924 (1998-05-01), Friedman et al.
patent: 5884024 (1999-03-01), Lim et al.
patent: 5935245 (1999-08-01), Sherer
patent: 6009103 (1999-12-01), Woundy
patent: 6073178 (2000-06-01), Wong et al.
patent: 6182226 (2001-01-01), Reid et al.
patent: 6289377 (2001-09-01), Lalwaney et al.
patent: 6442144 (2002-08-01), Hansen et al.
patent: 6466986 (2002-10-01), Sawyer et al.
patent: 6496935 (2002-12-01), Fink et al.
patent: 6618398 (2003-09-01), Marchetti et al.
patent: 6754716 (2004-06-01), Sharma et al.
patent: 2002/0013844 (2002-01-01), Garrett et al.
Comer, Douglas, “Internetworking with TCP/IP vol. 1,” 1995, 3rdEd., Prentice-Hall, Inc., pp. 73-81.
Doeppner, et al., “Using Router Stamping to Identify the Source of IP Packets”, 2000, ACM, pp. 184-189.
David C. Plummer,An Ethernet Address Resolution Protocol. Network Working Group Request for Comments 826, Nov. 1982.
Jon Postel (Editor),Internet Protocol. Request for Comments 791, Sep. 1981.
CERT® Advisory CA-1996-21 TCP SYN Flooding and IP Spoofing Attacks. http//www.cert.org/advisories/CA-1996-21.html.
Farrow, Rik, “Source Address Spoofing,”Network Magazine, May 1, 2000.
Farrow, Rik, “Source Address Spoofing,” Microsoft TechNet Security, 2000.
Ferguson et al. RFC2267, Network Ingress Filtering: Defeating Denial of Service Attachs which employ IP Source Address Spooofing, www.ietf.org/rfc/rfc2267.txt.
Doyle Ronald P.
Hind John R.
Narten Thomas
Peters Marcia L.
Louis-Jacques Jacques
Powers William S.
LandOfFree
Methods, systems and computer program products for detecting... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Methods, systems and computer program products for detecting..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Methods, systems and computer program products for detecting... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3661960