System and method for providing exploit protection with message tracking
First Claim
1. A system for providing protection from an exploit to a device connected to a network, comprising:
- (a) a content filter that receives a message that is directed to the device;
(b) a message tracker that is coupled to the content filter and is configured to determine whether the message is an unscanned message; and
(c) a scanner component that is coupled to the message tracker and that is configured to receive the unscanned message and to determine whether at least one element of the message includes an exploit.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system for providing protection from exploits to devices connected to a network. The system and method include a component for determining whether an encapsulation has been applied to an attachment associated with a message and unencapsulating such encapsulated attachment, and a component that performs at least one decompression of the attachment when the attachment is compressed. If it is determined that the message, including the attachment, is to be scanned, a component is included that determines whether a header, body, and/or attachment of the message includes exploits. A device that receives messages that are directed to the network employs the components above to provide exploit protection for at least one of the messages.
-
Citations
19 Claims
-
1. A system for providing protection from an exploit to a device connected to a network, comprising:
-
(a) a content filter that receives a message that is directed to the device;
(b) a message tracker that is coupled to the content filter and is configured to determine whether the message is an unscanned message; and
(c) a scanner component that is coupled to the message tracker and that is configured to receive the unscanned message and to determine whether at least one element of the message includes an exploit. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for providing protection from an exploit to a device connected to a network, comprising:
-
(a) receiving a message that is directed to the device; and
(b) if the message is an unscanned message, performing actions, including;
i. determining whether at least one element of the message includes an exploit; and
ii. if at least one element of the message includes the exploit, quarantining the message. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A system for providing protection from an exploit to a device connected to a network, comprising:
-
(a) means for receiving a message that includes a header and at least one of a body and an attachment;
(b) means for determining whether the message including the attachment, is an unscanned message; and
(c) means for determining whether at least one of the header, attachment, and the body includes an exploit in the unscanned message.
-
Specification