Electrical computers and digital processing systems: multicomput – Computer-to-computer session/connection establishing
Reexamination Certificate
2007-09-11
2007-09-11
Meky, Moustafa (Department: 2157)
Electrical computers and digital processing systems: multicomput
Computer-to-computer session/connection establishing
C709S203000, C709S217000, C709S219000
Reexamination Certificate
active
10927803
ABSTRACT:
A method of enhancing a server's ability to withstand a SYN flood type denial of service attack is presented. Modifications to the TCP/IP layer of a server reduce the amount of system resources that are allocated, and the amount of CPU overhead that is required to process a connection request until the TCP/IP three-way handshake is completed to verify the presence of a legitimate client. Specifically, the TCP/IP layer allocates a small TCP control block (TCB) of a size sufficient only to service the connect request upon receipt of the SYN packet. A full TCB is not allocated until the connection is completed. Further, the TCP/IP layer delays notification to the socket layer of the receipt of the SYN packet until after the connection is completed. Finally, the route information of the connection is not cached until after the connection is completed.
REFERENCES:
patent: 5892903 (1999-04-01), Klaus
patent: 5958053 (1999-09-01), Denker
patent: 5963915 (1999-10-01), Kirsch
patent: 6032260 (2000-02-01), Sasmazel et al.
patent: 6205481 (2001-03-01), Heddaya et al.
patent: 6256664 (2001-07-01), Donoho et al.
patent: 6308238 (2001-10-01), Smith et al.
patent: 6314468 (2001-11-01), Murphy et al.
patent: 6367009 (2002-04-01), Davis et al.
patent: 6425014 (2002-07-01), Aiken, Jr. et al.
patent: 6823387 (2004-11-01), Srinivas
Grice, Corey, How a Basic Attack Crippled Yahoo,athttp:/
ews.cnet.com
ews/0-1005-202-1544455.ht5ml, 2 pages (last visited Jun. 8, 2000).
Sandoval, Greg and Troy Wolverton, Leading Web Sites Under Attack,athttp:/
ews.cnet.com
ews/0-1007-202-1545348.html, 3 pages (last visited Jun. 8, 2000).
CNET News.com Staff, How a “Denial of Service” Attack Works,athttp:/
ews.cnet.com
ews/0-1007-202=1546362.html, 1 page (last visited Jun. 8, 2000).
Jacobus, Patricia, White House Calls Experts to Address Cyber Attacks,athttp:/
ews.cnet.com
ews/0-1—5-202-1547509.html, 1 page (last visited Jun. 8, 2000).
The Associated Press, FBI Site Struck by Web Attack,athttp:/
ews.cnet.com
ews/0-1005-20201558533.html, 1 page (last visited Jun. 8, 2000).
CERT Advisory, Vulnerabiliyt in Certain TCP/IP Implementations,atftp://info.cert.org/pub/cert—advisories/CA-98-13-tcp-denial-of-service, 4 pages, (last visited Jun. 9, 2000).
CERT Advisory, TCP SYN Flooding and IP Spoofing Attacks,atftp://info.cert.org/pub/cert—advisories/CA-96,21.tcp—syn—flooding, 8 pages (last visited Jun. 9, 2000).
Internet Server Unavailable Because of Malicious SYN Attacks,atftp://ftp/microsoft.com/buyssys/win . . . xes-postSP5/syn-attack/q142641.txt, 5 pages (last visited Jun. 7, 2000).
Ann Harrison,Firm Nabs Cracker With Intrusion Detection Tool, 33, Computerworld, Aug. 23, 1999, at 59.
Laura DiDio,Internet Security Holes Widen, 32, Computerworld, Mar. 2, 1998, at 37-39.
Hackers Used Variety of Tools, Officials Say, KRTBN (Knight-Ridder Tribune Business News), Feb. 11, 2000.
Axent Increases Flexibility of Security Products, ENT (Boucher Communications), Feb. 9, 2000, at 5, 2, 35.
Meky Moustafa
Wolf Greenfield & Sacks P.C.
LandOfFree
System and method for enhancing a server's ability to... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for enhancing a server's ability to..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for enhancing a server's ability to... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3720970