摘要 |
<p><P>PROBLEM TO BE SOLVED: To maintain stable network communication by preventing a DOS attack to a target terminal from a particular terminal using a plurality of IP addresses. <P>SOLUTION: A DOS attack defending apparatus and defending method includes: a reception packet buffer section 1 for receiving and storing transmission packets from transmission terminals A, B; table sections 2, 4 for associating an IP address denoting a transmission destination of the packets stored in the buffer section 1 with an individual recognition number for confirming a packet transmission source and recording the IP address; counter sections 5, 6 for counting the number of packets having the same individual recognition number with respect to the same destination IP address recorded in the table sections 2, 4 within a prescribed time; and a discard control section 7 for discarding the received packets stored in the buffer section 1 when the counted value reaches the prescribed value or over. After the discard of the received packets, the discard of the received packets may be stopped after a lapse of the prescribed time and a MAC address may be used for the individual recognition number. <P>COPYRIGHT: (C)2006,JPO&NCIPI</p> |