Methods, systems, and products for intrusion detection
First Claim
Patent Images
1. A system, comprising:
- a host computer system;
a peripheral card coupled to the host computer system, the peripheral card comprising a first interface to a first communications network and a second interface to a second communications network, the first interface comprising a first wireless communications portion and a processor managing the first wireless communications portion, the first wireless communications portion coupled to an antenna and configured for one-way communication to wirelessly receive data packets from the first communications network, the first wireless communications portion lacking a configuration to transmit data to the first communications network, the second interface interfacing with the second communications network; and
memory coupled to the peripheral card, the peripheral card storing the data packets in the memory, the peripheral card inspecting a header portion and a payload portion of each data packet and comparing the header portion and the payload portion to a set of rules stored in the memory; and
if the header portion and the payload portion satisfy the set of rules, then the peripheral card ignores a data packet, and if the header portion and the payload portion fail to satisfy the set of rules, then a failure signifies an intrusion event,wherein the first interface of the peripheral card reduces intrusion of the first communications network by preventing a download of the data packets from the first communications network and the second communications network.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, systems, and products are disclosed for detecting an intrusion to a communications network. One embodiment describes a system for detecting intrusions. The system has a peripheral card coupled to a host computer system. The peripheral card has a communications portion and a processor managing the communications portion. The communications portion has only a capability for receiving data packets via a communications network. The communications portion lacks capability of transmitting the data packets via the communications network. The communications portion of the peripheral card reduces intrusion of the communications network.
-
Citations
18 Claims
-
1. A system, comprising:
-
a host computer system; a peripheral card coupled to the host computer system, the peripheral card comprising a first interface to a first communications network and a second interface to a second communications network, the first interface comprising a first wireless communications portion and a processor managing the first wireless communications portion, the first wireless communications portion coupled to an antenna and configured for one-way communication to wirelessly receive data packets from the first communications network, the first wireless communications portion lacking a configuration to transmit data to the first communications network, the second interface interfacing with the second communications network; and memory coupled to the peripheral card, the peripheral card storing the data packets in the memory, the peripheral card inspecting a header portion and a payload portion of each data packet and comparing the header portion and the payload portion to a set of rules stored in the memory; and if the header portion and the payload portion satisfy the set of rules, then the peripheral card ignores a data packet, and if the header portion and the payload portion fail to satisfy the set of rules, then a failure signifies an intrusion event, wherein the first interface of the peripheral card reduces intrusion of the first communications network by preventing a download of the data packets from the first communications network and the second communications network. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method, comprising:
-
coupling a host computer system to a peripheral card that comprises a first interface to a first communications network and a second interface to a second communications network, the first interface comprising a first wireless communications portion and a processor managing the communications portion, the first wireless communications portion configured for one-way communication to wirelessly receive data packets from the first communications network and lacking a configuration to transmit data to the first communications network; wirelessly receiving the data packets at an antenna coupled to the first wireless communications portion, the antenna wirelessly receiving the data packets from the first communications network; coupling the peripheral card to memory and storing the data packets in the memory; inspecting a header portion and a payload portion of each data packet and comparing the header portion and the payload portion to a set of rules stored in the memory; ignoring a data packet when the header portion and the payload portion satisfy the set of rules; and failing the data packet when the header portion and the payload portion fail to satisfy the set of rules, a failure signifying an intrusion event, wherein the first interface of the peripheral card reduces intrusion of the first communications network by preventing a download of the data packets from the first communications network and the second communications network. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer program product storing processor executable instructions for performing a method, the method comprising:
-
coupling a host computer system to a peripheral card comprising a first interface to a first communications network and a second interface to a second communications network, the first interface comprising a first wireless communications portion and a processor managing the first wireless communications portion, the first wireless communications portion configured for one-way communication to wirelessly receive data packets from the first communications network, the first wireless communications portion lacking a configuration to transmit data to the first communications network; wirelessly receiving the data packets at an antenna coupled to the first wireless communications portion, the antenna wirelessly receiving the data packets from the first communications network; coupling the peripheral card to memory and storing the data packets in the memory; inspecting a header portion and a payload portion of each data packet and comparing the header portion and the payload portion to a set of rules stored in the memory; ignoring a received data packet when the header portion and the payload portion satisfy the set of rules; and failing a data packet when the header portion and the payload portion fail to satisfy the set of rules, a failure signifying an intrusion event, wherein the first interface of the peripheral card reduces intrusion of the first communications network by preventing a download of the data packets from the first communications network and the second communications network. - View Dependent Claims (16, 17, 18)
-
Specification