| 摘要 |
A method for providing security in a computing network. When a security node receives a packet broadcast in a segment of the network, it compares an address in the packet with a stored list of addresses to determine if the packet is associated with an untrusted device. The address may be a source or destination address in packet. If the security node determines that an unauthorized packet is being broadcast, it broadcasts a garbage packet while the unauthorized packet is being broadcast. This causes a collision and the nodes in the segment will ignore both packets. The security node may have stored thereon a list of authorized or unauthorized addresses (e.g., medium access control addresses), which it references whenever it detects a packet being broadcast.
|
