Virus detection and removal apparatus for computer networks
DCFirst Claim
1. A system for detecting and selectively removing viruses in data transfers, the system comprising:
- a memory for storing data and routines, the memory having inputs and outputs, the memory including a server for scanning data for a virus and specifying data handling actions dependent on an existence of the virus;
a communications unit for receiving and sending data in response to control signals, the communications unit having an input and an output;
a processing unit for receiving signals from the memory and the communications unit and for sending signals to the memory and communications unit;
the processing unit having inputs and outputs;
the inputs of the processing unit coupled to the outputs of memory and the output of the communications unit;
the outputs of the processing unit coupled to the inputs of memory, the input of the communications unit, the processor controlling and processing data transmitted through the communications unit to detect viruses and selectively transfer data depending on the existence of viruses in the data being transmitted;
a proxy server for receiving data to be transferred, the proxy server scanning the data to be transferred for viruses and controlling transmission of the data to be transferred according to preset handing instructions and the presence of viruses, the proxy server having a data input a data output and a control output the data input coupled to receive the data to be transferred; and
a daemon for transferring data from the proxy server in response to control signals from the proxy server, the daemon having a control input, a data input and a data output the control input of the daemon coupled to the control output of the proxy server for receiving control signals, and the data input of the daemon coupled to the data output of the proxy server for receiving the data to be transferred.
4 Assignments
Litigations
0 Petitions
Reexaminations
Accused Products
Abstract
A system for detecting and eliminating viruses on a computer network includes a File Transfer Protocol (FTP) proxy server, for controlling the transfer of files and a Simple Mail Transfer Protocol (SMTP) proxy server for controlling the transfer of mail messages through the system. The FTP proxy server and SMTP proxy server run concurrently with the normal operation of the system and operate in a manner such that viruses transmitted to or from the network in files and messages are detected before transfer into or from the system. The FTP proxy server and SMTP proxy server scan all incoming and outgoing files and messages, respectively before transfer for viruses and then transfer the files and messages, only if they do not contain any viruses. A method for processing a file before transmission into or from the network includes the steps of: receiving the data transfer command and file name; transferring the file to a system node; performing virus detection on the file; determining whether the file contains any viruses; transferring the file from the system to a recipient node if the file does not contain a virus; and deleting the file if the file contains a virus.
-
Citations
22 Claims
-
1. A system for detecting and selectively removing viruses in data transfers, the system comprising:
-
a memory for storing data and routines, the memory having inputs and outputs, the memory including a server for scanning data for a virus and specifying data handling actions dependent on an existence of the virus; a communications unit for receiving and sending data in response to control signals, the communications unit having an input and an output; a processing unit for receiving signals from the memory and the communications unit and for sending signals to the memory and communications unit;
the processing unit having inputs and outputs;
the inputs of the processing unit coupled to the outputs of memory and the output of the communications unit;
the outputs of the processing unit coupled to the inputs of memory, the input of the communications unit, the processor controlling and processing data transmitted through the communications unit to detect viruses and selectively transfer data depending on the existence of viruses in the data being transmitted;a proxy server for receiving data to be transferred, the proxy server scanning the data to be transferred for viruses and controlling transmission of the data to be transferred according to preset handing instructions and the presence of viruses, the proxy server having a data input a data output and a control output the data input coupled to receive the data to be transferred; and a daemon for transferring data from the proxy server in response to control signals from the proxy server, the daemon having a control input, a data input and a data output the control input of the daemon coupled to the control output of the proxy server for receiving control signals, and the data input of the daemon coupled to the data output of the proxy server for receiving the data to be transferred. - View Dependent Claims (2, 3)
-
-
4. A computer implemented method for detecting viruses in data transfers between a first computer and a second computer, the method comprising the steps of:
-
receiving at a server a data transfer request including a destination address; electronically receiving data at the server; determining whether the data contains a virus at the server; performing a preset action on the data using the server if the data contains a virus; sending the data to the destination address if the data does not contain a virus; determining whether the data is of a type that is likely to contain a virus; and transmitting the data from the server to the destination without performing the steps of determining whether the data contains a virus and performing a preset action if the data is not of a type that is likely to contain a virus. - View Dependent Claims (5, 6, 7, 8, 9, 10)
-
-
11. A computer implemented method for detecting viruses in a mail message transferred between a first computer and a second computer, the method comprising the steps of:
-
receiving a mail message request including a destination address; electronically receiving the mail message at a server; determining whether the mail message contains a virus, the determination of whether the mail message contains a virus comprising determining whether the mail message includes any encoded portions, storing each encoded portion of the mail message in a separate temporary file, decoding the encoded portions of the mail message to produced decoded portions of the mail message, scanning each of the decoded portions for a virus, and testing whether the scanning step found any viruses; performing a preset action on the mail message if the mail message contains a virus; and sending the mail message to the destination address if the mail message does not contains a virus. - View Dependent Claims (12, 14, 15, 16, 17)
-
-
13. A computer implemented method for detecting viruses in a mail message transferred between a first computer and a second computer, the method comprising the steps of:
-
receiving a mail message request including a destination address;
electronically receiving the mail message at a server;
scanning the mail message for encoded portions;
determining whether the mail message contains a virus;performing a preset action on the mail message if the mail message contains a virus; sending the mail message to the destination address if the mail message does not contains a virus; and wherein the step of sending the mail message to the destination address is performed if the mail message does not contain any encoded portions;
the server includes a SMTP proxy server and a SMTP daemon; and
the step of sending the mail message comprises transferring the mail message from the SMTP proxy server to the SMTP daemon and transferring the mail message from the SMTP daemon to a node having an address matching the destination address.
-
-
18. An apparatus for detecting viruses in data transfers between a first computer and a second computer, the apparatus comprising:
-
means for receiving a data transfer request including a destination address; means for electronically receiving data at a server; means for determining whether the data contains a virus at the server; means for performing a preset action on the data using the server if the data contains a virus; and means for sending the data to the destination address if the data does not contain a virus. - View Dependent Claims (19, 20, 21, 22)
-
Specification