
Method of validating requests for sender reputation information

  • US 7,877,493 B2
  • Filed: 05/05/2006
  • Issued: 01/25/2011
  • Est. Priority Date: 05/05/2005
  • Status: Expired due to Fees
First Claim

1. An apparatus, comprising:

  • a network interface that is coupled to a data network for receiving one or more packet flows therefrom;

    a processor;

    one or more stored sequences of instructions which, when executed by the processor, cause the processor to perform:

    storing in the apparatus a secret string;

    wherein the secret string and a message authentication code algorithm identifier are distributed to a first host computer;

    receiving, from the first host computer, a DNS format query to obtain a reputation score associated with a second host computer, wherein the query includes a first authentication code that has been computed at the first host computer by executing the message authentication code algorithm over the secret string;

    wherein the DNS format query comprises an inverted Internet Protocol (IP) address of the second host computer concatenated with the first authentication code of the first host computer;

    in response to determining that the first host computer has a valid customer license to use services from the apparatus and that the customer license has not expired, validating the first authentication code by:

    computing, at the apparatus, a second authentication code by executing the message authentication code algorithm over the secret string, both stored in the apparatus, and determining that the validation is successful if the first authentication code and the second authentication code match;

    only when the first host computer has the valid customer license to use services from the apparatus, the customer license has not expired, and validating the first authentication code is successful, performing a DNS lookup in a reputation database and returning a DNS response that provides the reputation score associated with the second host computer;

    wherein the DNS lookup comprises determining which of paranoid, cautious, moderate and aggressive characteristics describes the second host computer.
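
The flow recited in claim 1, as an added Python sketch that is not taken from the patent or from any product. Assumptions: HMAC-SHA256 keyed with the secret string over a customer identifier, a 32-hex-character truncation, the zone rep.example.test, the label order, the REFUSED/NXDOMAIN results, and all sample records are constructed for illustration.

```python
import hashlib
import hmac
import ipaddress
from datetime import date

ZONE = "rep.example.test"  # assumed zone name
LICENSES = {               # constructed customer records (secret string + license expiry)
    "cust-01": {"secret": b"s3cret-one", "expires": date(2030, 1, 1)},
    "cust-02": {"secret": b"s3cret-two", "expires": date(2020, 1, 1)},
}
REPUTATION = {"192.0.2.10": "aggressive", "198.51.100.7": "cautious"}  # constructed
LEVELS = {"paranoid", "cautious", "moderate", "aggressive"}

def auth_code(secret: bytes, customer: str) -> str:
    # Assumption: HMAC-SHA256 keyed with the secret over the customer id, so the
    # code is identical for every query that customer sends.
    # Truncated to 32 hex chars: a full 64-char digest exceeds the 63-byte DNS label limit.
    return hmac.new(secret, customer.encode(), hashlib.sha256).hexdigest()[:32]

def build_query(ip: str, secret: bytes, customer: str) -> str:
    # First host: inverted IP of the second host, then the first authentication code.
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + auth_code(secret, customer) + "." + ZONE

def answer(customer: str, qname: str, today: date) -> str:
    # Apparatus side: license check, then code validation, then the lookup.
    qname = qname.lower().rstrip(".")
    if not qname.endswith("." + ZONE):
        return "REFUSED"
    labels = qname[: -len(ZONE) - 1].split(".")
    if len(labels) != 5:
        return "REFUSED"
    lic = LICENSES.get(customer)
    if lic is None or lic["expires"] < today:  # no license, or license expired
        return "REFUSED"
    expected = auth_code(lic["secret"], customer)  # second authentication code
    # Constant-time comparison of the first and second codes.
    if not hmac.compare_digest(labels[4].encode(), expected.encode()):
        return "REFUSED"
    try:
        ip = str(ipaddress.IPv4Address(".".join(reversed(labels[:4]))))
    except ValueError:
        return "REFUSED"
    level = REPUTATION.get(ip)
    return level if level in LEVELS else "NXDOMAIN"
```
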
