Securely managing network element state information in...

Multiplex communications – Pathfinding or routing – Switching a message which includes an address header

Reexamination Certificate


Details

C370S392000, C370S401000, C726S011000, C726S012000

active

07630364

ABSTRACT:
Rules in NAT and firewall devices are updated only when a packet flow is verified as genuine through transport-layer message acknowledgment sequences. When a device receives a packet indicating initiation of a new association, the device stores an internal source tag, an internal destination tag, an external source tag, and an external destination tag. Only after receiving a completion acknowledgment message from the destination node does the device set the internal source tag equal to the external source tag and the internal destination tag equal to the external destination tag. The rules are then updated based on the internal tags. As a result, the approach thwarts denial-of-service (DoS) attacks that seek to modify the rules of NAT and firewall devices to permit harmful traffic.

REFERENCES:
patent: 2004/0052257 (2004-03-01), Adbo et al.
patent: 2005/0013280 (2005-01-01), Buddhikot et al.
patent: 2005/0201370 (2005-09-01), Poyhonen et al.
patent: 2005/0265340 (2005-12-01), Wu et al.
patent: 2006/0062203 (2006-03-01), Satapati
patent: 2006/0164974 (2006-07-01), Ramalho et al.
patent: 2006/0215654 (2006-09-01), Sivakumar et al.
Ong, L. et al., “An Introduction to the Stream Control Transmission Protocol (SCTP),” Network Working Group of the IETF, RFC 3286, May 2002, 9 pages.
Stone, J., et al., “Stream Control Transmission Protocol (SCTP) Checksum Change,” Network Working Group of the IETF, RFC 3309, Sep. 2002, 16 pages.
Stewart, R. et al., “Stream Control Transmission Protocol (SCTP) Partial Reliability Extension,” Network Working Group of the IETF, RFC 3758, May 2004, 20 pages.
Stewart, R. et al., “Stream Control Transmission Protocol,” Network Working Group of the IETF, RFC 2960, Oct. 2000, 120 pages.
Xie, Q., et al., “SCTP NAT Transverse Considerations,” IETF Internet-Draft draft-xie-tsvwg-sctp-nat-00.txt, Network Working Group of the IETF, Jul. 9, 2004, 9 pages.
Stewart, R. et al., “Stream Control Transmission Protocol: A Reference Guide,” 2002, pp. 231-235, Addison-Wesley, Boston, MA.
Xie, Q., “SCTP NAT Transverse Considerations,” slide presentation of Nov. 10, 2004, 5 pages.
U.S. Appl. No. 11/089,721, Notice of Allowance, Notice of Allowability, date mailed Apr. 2, 2008.
Stewart, Randall R., “Stream Control Transmission Protocol (SCTP), A Reference Guide,” Addison-Wesley 2002, pp. VII-XX (table of contents), pp. 1-351.
