Electrical computers and digital processing systems: multicomput – Computer network managing – Computer network monitoring
Reexamination Certificate
2004-05-12
2009-02-24
Follansbee, John (Department: 2451)
Electrical computers and digital processing systems: multicomput
Computer network managing
Computer network monitoring
C709S223000, C726S022000, C726S025000
Reexamination Certificate
active
07496662
ABSTRACT:
A packet transmitted on a network is read and decoded. A network device and its operating system are identified by analyzing the decoded packet. If more than one operating system is identified from the decoded packet, the operating system is selecting by comparing confidence values assigned to the operating systems identified. A service running on the network device is identified from the decoded packet or subsequent packets that are read, decoded and analyzed. The network topology of a network is determined by reading, decoding, and analyzing a plurality of packets. A flow between two network devices is determined by reading, decoding, and analyzing a plurality of packets. Vulnerabilities are assigned to operating systems and services identified by reading, decoding, and analyzing packets. Network configuration policy is enforced on operating systems and services identified by reading, decoding, and analyzing packets.
REFERENCES:
patent: 5901307 (1999-05-01), Potter et al.
patent: 6199181 (2001-03-01), Rechef et al.
patent: 6334121 (2001-12-01), Primeaux et al.
patent: 6393474 (2002-05-01), Eichert et al.
patent: 6678824 (2004-01-01), Cannon et al.
patent: 6754826 (2004-06-01), Challener et al.
patent: 6772196 (2004-08-01), Kirsch et al.
patent: 7032114 (2006-04-01), Moran
patent: 7073198 (2006-07-01), Flowers et al.
patent: 7113789 (2006-09-01), Boehmke
patent: 7152105 (2006-12-01), McClure et al.
patent: 7257630 (2007-08-01), Cole et al.
patent: 7310688 (2007-12-01), Chin
patent: 2002/0035639 (2002-03-01), Xu
patent: 2003/0101353 (2003-05-01), Tarquini et al.
patent: 2004/0123153 (2004-06-01), Wright et al.
Spitzner, Lance; Passive Fingerprinting, May 3, 2003; Focus on Intrusion Detection; pp. 1-4; obtained from: http://www.stillhq.com/pdfdb/000183/data.pdf.
Lyon, Gordon; Remote OS detection via TCP/IP Stack Fingerprinting, Jun. 30, 2002; pp. 1-12; obtained from: http://web.archive.org/web/20021017063625/www.insecure.org
map
map-fingerprinting-article.html.
Office Action issued on Mar. 12, 2008 in connection with the related U.S. Appl. No. 10/843,459.
Office Action dated Jul. 11, 2008 in corresponding U.S. Appl. No. 11/272,034.
Dempster Ronald A.
Roesch Martin
Follansbee John
Lindsey Matthew S
Posz Law Group , PLC
Sourcefire, Inc.
LandOfFree
Systems and methods for determining characteristics of a... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Systems and methods for determining characteristics of a..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Systems and methods for determining characteristics of a... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4082628