| 发明名称 |
System and process for defending against denial of service attacks on networks nodes |
| 摘要 |
The present invention is a network switch that maintains a relatively lightly loaded state, and at the same time protects the network servers from DOS and DDOS attacks. The switch maintains a very large table of IP addresses where it stores information such as the number of incompleted and completed connections from each address. Using this information, the switch classifies each address into a threat level: unknown, trusted, suspicious, and malicious. Each threat level is treated differently allowing the switch to provide efficient access to the server while maintaining security. Connection to the server is denied to clients classified as malicious while trusted clients are passed through to the server. Suspicious connections are proxied while unknown connection treatment may be set by the user. |
| 申请公布号 |
EP1319296(B1) |
申请公布日期 |
2007.04.18 |
| 申请号 |
EP20010966736 |
申请日期 |
2001.08.30 |
| 申请人 |
TOP LAYER NETWORKS, INC. |
发明人 |
NARAYANASWAMY, KRISHNA;SPINNEY, BARRY A.;ROSS, THEODORE L.;PAQUETTE, MICHAEL D.;WRIGHT, CHRISTOPHER L. |
| 分类号 |
H04L12/66;H04L29/06;H04L12/931;H04L29/08;H04L29/12 |
主分类号 |
H04L12/66 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
