EVALUATING A QUESTIONABLE NETWORK COMMUNICATION
First Claim
1. A method in a computing system for controlling communication, comprising:
- in a computing system, evaluating a network communication, by:
receiving a predefined white list of trusted network addresses that does not include addresses for any unauthenticated network nodes and that includes, for each trusted network address, one or more indications of allowable communication properties;
determining a first internet protocol (IP) address corresponding to the network communication;
determining a first communication property that is associated with the network communication;
determining a second communication property that is an allowable communication property specified by an entry in the white list that corresponds to the first IP address;
evaluating the network communication with respect to the white list, by determining whether or not the first communication property is encompassed by the second communication property;
in response to determining that the first communication property is not encompassed by the second communication property, setting an indicator that the network communication is not allowed; and
in response to determining that the first communication property is encompassed by the second communication property, setting an indicator that the network communication is allowed.
Abstract
Identifying a questionable network address from a network communication. In an embodiment, a network device receives an incoming or outgoing connection request, a web page, an email, or other network communication. An evaluation module evaluates the network communication for a corresponding network address, which may be for the source or destination of the network communication. The network address generally includes an IP address. The evaluation module determines one or more properties of the network communication, such as time of day, content type, directionality, or the like. The evaluation module then determines whether the properties match or are otherwise allowed based on properties specified in the white list in association with the IP address.
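The evaluation described in the abstract, sketched in Python as an added example; it is not code from the patent. The class names, the chosen property set (direction, content type, time of day), the `"*"` wildcard and the sample addresses are assumptions made for illustration, as is treating an address with no white list entry as not allowed.

```python
from dataclasses import dataclass
from datetime import time
from ipaddress import ip_address

@dataclass(frozen=True)
class Allowed:                 # hypothetical white list entry: allowable properties
    directions: frozenset      # subset of {"inbound", "outbound"}
    content_types: frozenset   # "*" means any content type (assumed convention)
    hours: tuple               # (start, end) times; end exclusive, may wrap midnight

@dataclass(frozen=True)
class Communication:           # properties determined from one network communication
    ip: str
    direction: str
    content_type: str
    at: time

def in_window(t, window):
    start, end = window
    if start <= end:
        return start <= t < end
    return t >= start or t < end          # window such as 22:00-06:00

def evaluate(comm, white_list):
    """Return (allowed, reason): each observed property must be encompassed by the entry."""
    try:
        key = ip_address(comm.ip)         # normalise so textual variants map to one entry
    except ValueError:
        return False, "unparseable address"
    if key.version == 6 and key.ipv4_mapped:
        key = key.ipv4_mapped             # ::ffff:a.b.c.d is the same host as a.b.c.d
    entry = white_list.get(key)
    if entry is None:
        return False, "address not on white list"
    if comm.direction not in entry.directions:
        return False, "direction not allowed"
    if "*" not in entry.content_types and comm.content_type not in entry.content_types:
        return False, "content type not allowed"
    if not in_window(comm.at, entry.hours):
        return False, "outside allowed hours"
    return True, "allowed"

# Constructed sample white list using documentation addresses (RFC 5737).
WHITE_LIST = {
    ip_address("192.0.2.10"): Allowed(frozenset({"outbound"}),
        frozenset({"text/html", "application/json"}), (time(8), time(18))),
    ip_address("198.51.100.7"): Allowed(frozenset({"inbound", "outbound"}),
        frozenset({"*"}), (time(22), time(6))),
}
```

Returning a reason alongside the allowed/not-allowed indicator gives a log reviewer the property that failed, not just the verdict.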
126 Citations
20 Claims
1. A method in a computing system for controlling communication (independent claim; full text given under First Claim above).
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
16. A system for controlling communication, comprising:
- a communication interface for communication with a network resource, the communication interface including a TCP/IP stack;
- a memory for storing instructions; and
- a processor in communication with the communication interface and with the memory, wherein the processor is configured to evaluate a network communication, by:
receiving a predefined white list of trusted network addresses that does not include addresses for any unauthenticated network nodes and that includes, for each trusted network address, one or more indications of allowable communication properties;
determining a first internet protocol (IP) address corresponding to the network communication;
determining a first communication property that is associated with the network communication;
determining a second communication property that is an allowable communication property specified by an entry in the white list that corresponds to the first IP address;
evaluating the network communication with respect to the white list, by determining whether or not the first communication property is encompassed by the second communication property;
in response to determining that the first communication property is not encompassed by the second communication property, setting an indicator that the network communication is not allowed; and
in response to determining that the first communication property is encompassed by the second communication property, setting an indicator that the network communication is allowed.
Dependent claims: 17, 18, 19, 20
Specification