Information security – Monitoring or scanning of software or data including attack...
Reexamination Certificate
2004-05-06
2008-12-30
Song, Hosuk (Department: 2435)
C726S023000
active
07472416
ABSTRACT:
Approaches for preventing TCP RST attacks intended to cause denial of service in packet-switched networks are disclosed. In one approach, upon receiving a TCP RST packet, an endpoint node determines whether the TCP segment contains valid authentication information. The TCP RST segment is accepted and the TCP connection is closed only when the authentication information is valid. Authentication information may comprise a reset type value and either the initial sequence numbers of both endpoints or a copy of a TCP header and options values previously sent by the endpoint node that is performing the authentication. Thus, attacks are thwarted because an attacker cannot know or reasonably guess the required authentication information.
Bage Shrirang
Dalal Mitesh
Khare Amol
Ramaiah Anantha
Cisco Technology Inc.
Hickman Palermo & Truong & Becker LLP
Song Hosuk