摘要 |
PROBLEM TO BE SOLVED: To reduce the influence on other networks to a minimum by preventing an unauthorized access, such as distributed denial of service (DDoS) attack, and probing of worms. SOLUTION: When an outbound packet by DDoS attack or an outbound packet of probing by worm is detected by prevention units 10a, 10b, the outbound packet is subjected to Egress filtering so that packets related to unauthorized accesses cannot be sent to a trunk-line network 1000. In addition, a notification for detecting the unauthorized access is transmitted through, as an example, a management system to other prevention units 10c, 10d, so the packet related the unauthorized access is preventively subjected to Ingress filtering by the prevention units 10c, 10d so that the packet cannot be sent to the connection networks C, D. COPYRIGHT: (C)2005,JPO&NCIPI
|