Preventing computer worms from attacking a private computer network through a virtual private network connection

摘要

A system for preventing a computer worm from attacking a private computer network through a virtual private network (VPN) connection includes a client computer and a VPN server. The client computer detects connection attempts to the VPN server. The client computer consults application rules to determine whether an application program running in the client computer and connecting to the VPN server is specifically authorized to connect to the VPN server. The client computer can receive the application rule automatically from the VPN server or manually from a user.

主权项

1. A computer-implemented method comprising:
detecting a virtual private network (VPN) interface in a client computer; detecting a first application program running in the client computer and attempting to connect to a VPN server of a private computer network using the VPN interface; consulting an application rule in the client computer to determine if the first application program is authorized to connect to the VPN server using the VPN interface; allowing the first application program to connect to the private computer network through a VPN connection provided by the VPN server over the Internet when the application rule indicates that the first application program is authorized to connect to the VPN server; detecting a second application program running in the client computer and attempting to connect to the VPN server of the private computer network using the VPN interface; consulting the application rule to determine if the second application program is authorized to connect to the VPN server using the VPN interface; and blocking the second application program from connecting to the VPN server when the application rule does not specifically indicate that the second application program is authorized to connect to the VPN server.