| 发明名称 | Systems and methods for aggressive window probing | ||
| 摘要 | The present application is directed towards systems and methods for aggressively probing a client side connection to determine and counteract a malicious window size attack or similar behavior from a malfunctioning client. The solution described herein detects when a connection may be under malicious attach via improper or unusual window size settings. Responsive to the detection, the solution described herein will setup probes that determine whether or not the client is malicious and does so within an aggressive time period to avoid the tying up of processing cycles, transport layer sockets and buffers, and other resources of the sender. | ||
| 申请公布号 | US8875290(B2) | 申请公布日期 | 2014.10.28 |
| 申请号 | US201313769425 | 申请日期 | 2013.02.18 |
| 申请人 | Citrix Systems, Inc. | 发明人 | Taneja Varun;Mylarappa Mahesh;Annamalaisami Saravanakumar |
| 分类号 | G06F21/00 | 主分类号 | G06F21/00 |
| 代理机构 | Foley & Lardner LLP | 代理人 | Foley & Lardner LLP ;McKenna Christopher J. |
| 主权项 | 1. A system comprising: a device intermediary to a client and a server, the device configured to establish a first transport layer connection with the client responsive to receiving a request by the client to establish a transport layer connection with the server, the client identifying a window size for the first transport layer connection less than a maximum segment size; and wherein the device is configured to drop packets sent from the client identifying that the window size is still less than the maximum segment size in response to a window probe packet sent by the device, and upon determining that the client has not increased the window size responsive to a predetermined number of window probe packets, the device is configured to disestablish the first transport layer connection. | ||
| 地址 | Fort Lauderdale FL US | ||