Securing an accessible computer system
First Claim
1. A method for securing an accessible computer system, the method comprising:
- monitoring for connection transactions between multiple access requesters and an access provider at a switch that is connected to the access provider and that transfers data to and from the access provider;
when the monitoring reveals that one of the multiple access requestors is an attacking access requestor, denying, at the switch, access by the attacking access requestor to the access provider for a time out period during which the attacking access requestor is denied access to the access provider; and
in response to detecting a new connection transaction initiated by the attacking access requestor during the time out period, starting a new time out period and continuing to deny access by the attacking access requestor during the new time out period.
11 Assignments
0 Petitions
Accused Products
Abstract
To secure an accessible computer system, the computer system is monitored for connection transactions. An access requestor is denied access to the computer system when the access requestor initiates a number of connection transactions that exceed a configurable threshold number during a first configurable period of time. The monitoring may include detecting connection transactions initiated by the access requestor, counting the number of connection transactions initiated by the access requestor during the first configurable period of time, and comparing the number of connection transactions initiated by the access requester during the first configurable period of time to the configurable threshold number.
-
Citations
43 Claims
-
1. A method for securing an accessible computer system, the method comprising:
-
monitoring for connection transactions between multiple access requesters and an access provider at a switch that is connected to the access provider and that transfers data to and from the access provider; when the monitoring reveals that one of the multiple access requestors is an attacking access requestor, denying, at the switch, access by the attacking access requestor to the access provider for a time out period during which the attacking access requestor is denied access to the access provider; and in response to detecting a new connection transaction initiated by the attacking access requestor during the time out period, starting a new time out period and continuing to deny access by the attacking access requestor during the new time out period. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A system for securing an accessible computer system, comprising:
-
a switch that is connected to an access provider and that includes at least one hardware component configured to; monitor for connection transactions between multiple access requestors and the access provider; when the monitoring reveals that one of the multiple access requestors is an attacking access requestor, deny, at the switch, access by the attacking access requestor to the access provider for a time out period during which the attacking access requestor is denied access to the access provider; and in response to detecting a new connection transaction initiated by the attacking access requestor during the time out period, start a new time out period and continue to deny access by the attacking access requestor during the new time out period. - View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
-
-
35. A switch comprising:
-
a processor; and a memory encoded with machine readable instructions that, when executed by the processor, operate to cause the processor to perform operations comprising; transferring data to and from an access provider; monitoring, at the switch, for connection transactions between multiple access requestors and the access provider; when the monitoring reveals that one of the multiple access requestors is an attacking access requestor, denying, at the switch, access by the attacking access requestor to the access provider for a time out period during which the attacking access requestor is denied access to the access provider; and in response to detecting a new connection transaction initiated by the attacking access requestor during the time out period, starting a new time out period and continuing to deny access by the attacking access requestor during the new time out period. - View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43)
-
Specification