
System and method for providing a network host decoy using a pseudo network protocol stack implementation

  • US 6,687,833 B1
  • Filed: 09/24/1999
  • Issued: 02/03/2004
  • Est. Priority Date: 09/24/1999
  • Status: Expired due to Fees
First Claim

1. A system for providing a network host decoy on a virtual host using a pseudo implementation of a network protocol stack, wherein the network protocol stack comprises an Internet Protocol (IP) layer, comprising:

  • a hierarchical network protocol stack comprising a plurality of communicatively interfaced protocol layers, each protocol layer performing a set of defined functions on data segments exchanged therebetween;

    an input buffer receiving a request frame originating from a remote host, the request frame comprising a plurality of recursively encapsulated data segments which each correspond to a successive protocol layer in the network protocol stack, further comprising;

    the IP layer interpreting an IP datagram encapsulated as a data segment within the request frame; and

    a pseudo IP layer modifying a checksum field in a header of the IP datagram and including the modified checksum field in a reply IP datagram formed as a pseudo data segments; and

    a packet formatter, comprising;

    each protocol layer demultiplexing each encapsulated data segment in the request frame by processing a header associated with the encapsulated data segment, performing any requested network service and forwarding any recursively encapsulated portion to the next successive protocol layer;

    a plurality of pseudo protocol layers corresponding to each of the protocol layers in the network protocol stack, each pseudo protocol layer forming a pseudo data segment comprising a header and data portion with the header including network protocol stack characteristics for a pseudo host different than the network protocol stack characteristics for the virtual host and recursively encapsulating each of the pseudo data segments within a response frame and inserting into the response frame a network address for the pseudo host different than the network address for the virtual host; and

    an output buffer sending the response frame to the remote host.
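
The pseudo IP layer step in the claim, sketched as an added example (not code from the patent or its assignee): the reply header carries the pseudo host's address in place of the virtual host's, a different stack characteristic, and a recomputed checksum. Using TTL as that characteristic, the function names, and the documentation-range addresses are all assumptions made for illustration.

```python
import socket
import struct

IP_FMT = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header, no options

def ip_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement checksum over the header's 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_ip_header(src: str, dst: str, ttl: int, proto: int = 1,
                    payload_len: int = 0, ident: int = 0) -> bytes:
    """Pack an IPv4 header, then fill in the checksum over the packed bytes."""
    fields = [0x45, 0, 20 + payload_len, ident, 0, ttl, proto, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    fields[7] = ip_checksum(struct.pack(IP_FMT, *fields))
    return struct.pack(IP_FMT, *fields)

def pseudo_ip_reply(request: bytes, pseudo_addr: str, pseudo_ttl: int) -> bytes:
    """Interpret the request header, then form a reply header that presents
    the pseudo host (hypothetical helper; TTL stands in for the stack
    characteristics that differ from the virtual host)."""
    if len(request) < 20 or request[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    ihl = (request[0] & 0x0F) * 4
    if ihl < 20 or len(request) < ihl:
        raise ValueError("truncated IPv4 header")
    # A header with a valid checksum sums to zero under the same routine.
    if ip_checksum(request[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    proto, remote = request[9], socket.inet_ntoa(request[12:16])
    # Source is the pseudo host, never the virtual host the frame was sent to.
    return build_ip_header(pseudo_addr, remote, pseudo_ttl, proto)

# Constructed sample: remote host 198.51.100.7 probes virtual host 192.0.2.10.
REQUEST = build_ip_header("198.51.100.7", "192.0.2.10", ttl=64, ident=0x1234)

if __name__ == "__main__":
    reply = pseudo_ip_reply(REQUEST, pseudo_addr="192.0.2.77", pseudo_ttl=128)
    print(reply.hex(), "checksum ok:", ip_checksum(reply) == 0)
```
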
