摘要 |
A network protection entity (100) for protecting a communication network against fraud messages includes: a physical interface (101, FE0) comprising a connection trunk (T1) associated to the physical interface (FE0) for receiving a communication message (102), wherein the communication message (102) comprises a message source address (X) and a port number (P) and wherein the communication message is directed to a destination within the communication network; a storage (103) for storing an appropriate table (105) which appropriate table (105) is appropriate for indicating a dedicated source address (A) and a dedicated port number (P1) for the physical interface (101, FE0) and the associated connection trunk (T1); and a processor (107) configured to retrieve the dedicated source address (A) and the dedicated port number (P) from the storage (103) and to compare the message source address (X) with the dedicated source address (A) and the port number (P) with the dedicated port number (P1), wherein the processor (107) is further configured to discard the communication message (102) if either the message source address (X) differs from the dedicated source address (A) or the port number (P) differs from the dedicated port number (P1). |