Systems and methods for preventing intrusion at a web host
First Claim
Patent Images
1. A method for processing commands, comprising:
- intercepting commands directed for a web server;
comparing the intercepted commands to a pre-designated set of commands that are known to be valid commands for the web server; and
dropping ones of the intercepted commands when the comparison of the intercepted commands does not generate a match to the pre-designated set of commands.
4 Assignments
0 Petitions
Accused Products
Abstract
A web host intrusion prevention system includes a filter engine [302] and comparison tables [303]. The comparison tables [303] are populated with the set of valid commands that are to be received at a server. The filter engine [302] looks up received commands in the comparison tables [303]. Received commands that are not in the comparison table are rejected.
-
Citations
30 Claims
-
1. A method for processing commands, comprising:
-
intercepting commands directed for a web server;
comparing the intercepted commands to a pre-designated set of commands that are known to be valid commands for the web server; and
dropping ones of the intercepted commands when the comparison of the intercepted commands does not generate a match to the pre-designated set of commands. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computing device comprising:
-
a communication interface component configured to receive network traffic destined for the computing device;
comparison tables configured to store at least one set of commands;
web serving software configured to receive the network traffic from the communication interface and respond to commands in the network traffic; and
a filter engine configured to perform lookups in the comparison tables based on the commands present in the received network traffic, the filter engine instructing the communication interface to refrain from forwarding the network traffic to the web server software when one of the commands in received network traffic does not correspond to a command in the at least one set of commands. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. A method for processing commands, comprising:
-
examining files related to content information of a web server;
generating tables that define valid commands for accessing the examined files;
blocking received commands intended for the web server when the received commands are not present in the generated tables; and
forwarding the received commands'"'"' to the web server when the received commands are present in the generated tables. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21)
-
-
22. A system comprising:
-
means for examining commands destined for a web server;
means for comparing the commands to a pre-designated set of commands that are known to be valid commands for the web server; and
means for dropping ones of the commands when the means for comparing the commands does not generate a match to the pre-designated set of commands. - View Dependent Claims (23, 24, 25, 26)
-
-
27. A computer-readable medium containing instructions that when executed by a processor cause the processor to:
-
intercept commands directed for a web server;
compare the intercepted commands to a pre-designated set of commands that are known to be valid commands for the web server; and
drop ones of the intercepted commands when the comparison of the intercepted commands does not generate a match to the pre-designated set of commands. - View Dependent Claims (28, 29, 30)
-
Specification