Information security – Monitoring or scanning of software or data including attack... – Intrusion detection
Reexamination Certificate
2007-10-02
2007-10-02
Zand, Kambiz (Department: 2134)
Information security
Monitoring or scanning of software or data including attack...
Intrusion detection
C713S189000
Reexamination Certificate
active
09968057
ABSTRACT:
Method and apparatus for protecting a data processing system such as an Internet server from attack by a vandal who uses an offensive vulnerability scanner to find an externally visible vulnerability of the data processing system. The method includes determining an externally visible vulnerability using a defensive vulnerability scanner, configuring an intrusion detection system to detect a network flow associated with the vulnerability, and blocking that flow by a firewall or a router. The apparatus includes a defensive vulnerability scanner that finds an externally visible vulnerability and provides a description of the vulnerability, an intrusion detection system that detects a network flow that satisfies the description, and a firewall or a router that blocks the flow responsive to detection of the flow by the intrusion detection system.
REFERENCES:
patent: 5892903 (1999-04-01), Klaus
patent: 5898836 (1999-04-01), Freivald et al.
patent: 5931946 (1999-08-01), Terada et al.
patent: 5978842 (1999-11-01), Noble et al.
patent: 6012087 (2000-01-01), Freivald et al.
patent: 6148339 (2000-11-01), Nagamatsu et al.
patent: 6163844 (2000-12-01), Duncan et al.
patent: 6298445 (2001-10-01), Shostack et al.
patent: 6301668 (2001-10-01), Gleichauf et al.
patent: 6304975 (2001-10-01), Shipley
patent: 6550012 (2003-04-01), Villa et al.
patent: 6611869 (2003-08-01), Eschelbeck et al.
patent: 6725377 (2004-04-01), Kouznetsov
patent: 6892237 (2005-05-01), Gai et al.
patent: 7020783 (2006-03-01), Vange et al.
patent: 2002/0069356 (2002-06-01), Kim
patent: 2002/0073337 (2002-06-01), Ioele et al.
patent: 0010093 (2000-02-01), None
patent: 0042528 (2000-07-01), None
Nahum, E. et al. “Performance Issues in WWW Servers”, Performance Evaluation Review, vol. 27, No. 1, pp. 216-217, Jun. 1999.
Feldmann, A. et al. “Efficient Policies for Carrying Web Traffic Over Flow-Switched Networks”, IEEE/ACM Transactions on Networking, vol. 6, No. 6, pp. 673-685, Dec. 1998.
Research Disclosure “Method and System for Managing Network Devices via the Web”, No. 41425 p. 1367, Oct. 1998.
Marugama, K. et al. “System and Method for Regulating Incoming Traffic to a Server Farm”, IBM Patent Application, U.S. Appl. No. 09/919,037, filed Feb. 20, 2001.
Thubert, P. et al. “Router Monitoring”, IBM Patent Application, U.S. Appl. No. 09/537,242, filed Mar. 28, 2000.
Lingafelt Charles Steven
Yell Nigel Birkbeck
International Business Machines - Corporation
Irwin David R.
Nalven Andrew L
Pivnichny John R.
Schmeiser Olsen & Watts
LandOfFree
Protecting a data processing system from attack by a vandal... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Protecting a data processing system from attack by a vandal..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Protecting a data processing system from attack by a vandal... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3855140