Method for resisting a denial-of-service attack of a private network element
Abstract
Methods and apparatus for resisting a denial-of-service attack of a private network element are disclosed. In one embodiment, a network device is configured to receive a packet destined for a private network element over an IP-compliant network. A proxy is assigned to examine the packet based on the destination port of the packet. The proxy agent then determines whether the packet is suspect and should be discarded. If the packet is suspect, it is discarded without shutting down said port.
20 Claims
1. A method for resisting a denial-of-service attack of a private network element comprising:
- receiving a packet destined for a private network element over an IP-compliant network;
- assigning a proxy agent operable within a firewall to examine said packet based on the destination port of said packet;
- determining, by said proxy agent, whether said packet is suspect and should be discarded; and
- if said packet is suspect, then discarding said packet without shutting down said port.

Dependent claims: 2, 3, 4, 5.

6. A firewall device for resisting a denial-of-service attack of a private network element comprising:
- a firewall operatively disposed between a private network element and an IP-compliant network;
- the firewall device configured to receive a packet destined for a private network element over an IP-compliant network and assign a proxy agent operable within said firewall to examine said packet based on the destination port of said packet; and
- wherein the proxy agent is configured to discard suspect packets without shutting down said port.

Dependent claims: 7, 8, 9, 10.

11. A firewall apparatus for resisting a denial-of-service attack of a private network element comprising:
- means for receiving a packet destined for a private network element over an IP-compliant network;
- means for assigning a proxy agent operable within a firewall to examine said packet based on the destination port of said packet;
- means for determining whether said packet is suspect and should be discarded; and
- means for discarding said packet without shutting down said port if said packet is suspect.

Dependent claims: 12, 13, 14, 15.

16. A computer-readable device containing a set of computer instructions for performing a method for resisting a denial-of-service attack of a private network element, the method comprising:
- receiving a packet destined for a private network element over an IP-compliant network;
- assigning a proxy agent operable within a firewall to examine said packet based on the destination port of said packet;
- determining, by said proxy agent, whether said packet is suspect and should be discarded; and
- if said packet is suspect, then discarding said packet without shutting down said port.

Dependent claims: 17, 18, 19, 20.
Specification