Device for protection against illegal communications and network system thereof
Abstract
A communication device, an illegal communication protection device, and a network system for providing protection from illegal communications. The communication device, which is connected to a network, receives packets sent and received over networks, and transmits them based on the packet destination, includes a control unit and a storage unit for storing a routing table that holds the destination information. When a received packet is a connection request, the control unit stores the transmit source address of that packet and the line number where that packet was received in the routing table. When the received packet is not a connection request, the control unit refers to the routing table, acquires the line number linked to an address matching the destination address of that packet, and sends the packet via the acquired line number.
10 Claims
1. A communication device connected to a network, for receiving packets sent over network, and transmitting packets based on the packet destination, comprising:
- a control unit; and
- a storage unit containing at least one routing table for storing information concerning the packet destination;
wherein, when the received packet is a request for connecting to the packet destination, the control unit stores in the routing table a transmit source address of the packet associated with an identified line where the packet was received, and when the received packet is not a connection request, the control unit checks the routing table, acquires a line associated with a destination address matching the destination address of the packet, and sends the packet via the acquired line.
4. An illegal communication protection device connected to a network for receiving packets exchanged over the networks, transmitting ones of the packets based on the packet destination, and restricting the transmission of the packet when the packet is illegal, including:
- a control unit; and
- a storage unit,
wherein the storage unit contains: a connection request source IP address of the packet, a connection request destination IP address of the packet, and a session information for recording an arrival time that the packet arrived associated with a limit time showing a period to limit rewriting of information relating to the packet, and when the difference between current time and the arrival time recorded in the session information has exceeded the limit time recorded in the session table, the control unit permits the rewriting of information relating to the packet.
9. A network system connected to one or multiple communication devices for receiving packets sent and received along a network, and for sending packets based on the destination address of the packet, and which is connected to a single or multiple illegal communication protection devices for receiving packets sent and received along a network, sending packets based on the destination address of the packet, and restricting transmission of a packet when that packet is illegal, comprising:
- a first control unit;
- a first storage unit for storing a routing table containing information on the destination of the packet;
wherein when the received packet is a connection request, the first control unit associates a packet transmit source address with a received line for the packet and stores it in the routing table, and when the received packet is not a connection request, the first control unit checks the routing table, acquires a line associating the destination address of the packet with the matching destination address, and sends the packet via the acquired line; the illegal communication protection device including a second control unit, and a second storage unit;
wherein the second storage unit includes a connection request source IP address of the packet, a connection request destination IP address of the packet, session information for recording an arrival time that the packet arrived associated with a limit time showing a period to limit rewriting of information relating to the packet, and the second control unit permits rewriting of the packet when the difference between the arrival time recorded in the session table and current time has exceeded the limit time.
10. A secure router, comprising:
- at least two input lines;
- at least two output lines;
- a sequence generator; and
- at least one state table;
wherein the secure router routes legal communications, via the two input lines and the two output lines, between at least one user, and at least one of a host and a second router;
wherein legal communications comprise those communications that are properly incremented and sent or received on a proper one of the two output or two input lines without ever having bypassed the secure router, starting from a random initialization by the sequence generator, and that are in a legal state for no more than an allowable time limit in accordance with the at least one state table.
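The two mechanisms recited in claims 1, 4 and 9 (a routing table learned from connection requests, and session information that can be rewritten only after its limit time), modeled in Python as an added example that is not part of the patent text. The class names, the `default_line` used to forward the request itself, returning `None` when no entry matches, and all addresses, line numbers and times are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Packet:
    src: str
    dst: str
    connection_request: bool  # e.g. a TCP SYN (assumption; the claims name no protocol)

class CommunicationDevice:
    """Claim 1: routing table learned from connection requests."""
    def __init__(self, default_line):
        self.routing_table = {}           # address -> line where it was seen
        self.default_line = default_line  # assumption: where requests are forwarded

    def receive(self, pkt, line):
        """Return the line to send pkt on, or None when no entry matches."""
        if pkt.connection_request:
            self.routing_table[pkt.src] = line  # remember the requester's line
            return self.default_line
        return self.routing_table.get(pkt.dst)  # send back via the learned line

class SessionTable:
    """Claim 4: session info that may be rewritten only after its limit time."""
    def __init__(self):
        self.sessions = {}  # (source IP, destination IP) -> dict

    def write(self, src, dst, info, now, limit):
        """Store info; return False while an existing entry is still protected."""
        old = self.sessions.get((src, dst))
        if old is not None and now - old["arrival"] <= old["limit"]:
            return False  # limit time not yet exceeded: rewriting refused
        self.sessions[(src, dst)] = {"arrival": now, "limit": limit, "info": info}
        return True

def demo():
    """Constructed traffic: addresses, lines and times are sample values."""
    dev, table = CommunicationDevice(default_line=0), SessionTable()
    syn = Packet("198.51.100.7", "192.0.2.10", True)
    reply = Packet("192.0.2.10", "198.51.100.7", False)
    stray = Packet("192.0.2.10", "203.0.113.9", False)
    routes = [dev.receive(syn, 2), dev.receive(reply, 0), dev.receive(stray, 0)]
    writes = [table.write(syn.src, syn.dst, "first", 0.0, 5.0),
              table.write(syn.src, syn.dst, "early", 5.0, 5.0),
              table.write(syn.src, syn.dst, "late", 5.1, 5.0)]
    return routes, writes

if __name__ == "__main__":
    print(demo())
```

The reply is sent on line 2 because that is where the request arrived, while a packet to an address that never sent a request matches no entry; the second write is refused because the elapsed time equals the limit rather than exceeding it.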
Specification