Method and apparatus for remote installation of network drivers and software

US 8,006,243 B2
Filed: 12/19/2006
Issued: 08/23/2011
Est. Priority Date: 12/07/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A distributed packet based security program installed and enabled without shutdown or restart across a plurality of computers in a network that enables each of the plurality of computers to evaluate packets received over the network according to a predetermined standard and selectively allow transmission of such packets from the network to a protocol driver, the distributed packet based security program comprising filter code installed between a media access control unit and the protocol driver of each computer, the media access control unit being coupled to a physical transmission medium of the network to receive the packets from data provided across the medium.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for remote installation of network drivers and software. The present invention provides for the remote installation of a rerouting driver into the network driver interface in the path between one or more media access control units and one or more protocol drivers in a computer system. Code in the network driver interface is disabled, patched to insert the rerouting driver, and then re-enabled. The disabling and re-enabling of the code is performed such that the computer system does not have to be restarted following installation of the patch.

270 Citations

25 Claims

1. A distributed packet based security program installed and enabled without shutdown or restart across a plurality of computers in a network that enables each of the plurality of computers to evaluate packets received over the network according to a predetermined standard and selectively allow transmission of such packets from the network to a protocol driver, the distributed packet based security program comprising filter code installed between a media access control unit and the protocol driver of each computer, the media access control unit being coupled to a physical transmission medium of the network to receive the packets from data provided across the medium.
- View Dependent Claims (2, 3, 4, 16, 17)
- - 2. The distributed packet based security program of claim 1, wherein the install is performed using a patching technique.
  - 3. The distributed packet based security program of claim 1, wherein each of the plurality computers form a shared memory buffer between a user space that stores first code of the distributed packet based security program and a system address space that stores the protocol driver and second code of the distributed packet based security program, wherein the second code is coupled to the shared memory buffer to store information regarding packets received over the network, and wherein the first code is coupled to the shared memory buffer to evaluate information stored in the shared memory buffer.
  - 4. The distributed packet based security program of claim 1, wherein the install is performed remotely from a host computer coupled to the network.
  - 16. The distributed packet based security program of claim 1, wherein each of the computers comprises:
    - a program stored on a computer-readable tangible storage device and executed by a processor via a memory for running a network driver interface and the distributed packet based security program and for installing first and second code while the network driver interface is running; and
      
      a shared memory buffer between a user space that stores the first code and a system address space that stores the protocol driver and the second code,wherein the second code is coupled to the shared memory buffer to store information regarding packets received over the network, andwherein the first code is coupled to the shared memory buffer to evaluate information stored in the shared memory buffer.
  - 17. The distributed packet based security program of claim 1, wherein the filter code is installed between the media access control unit and the protocol driver of each computer by:
    - storing a rerouting driver comprising the filter code in memory of the computer;
      
      disabling access to a section of computer code in a network driver interface coupled between the media access control unit and the protocol driver by overwriting computer code that is executed before the section of computer code with blocking computer code;
      
      patching the section of computer code without stopping complete operation of the network driver interface, the patching of the section of computer code comprising inserting a template jump from the network driver interface to a template in the rerouting driver, the template comprising new computer code for controlling communications, the template jump and the template enabling the rerouting driver to control communication between the media access control unit and the protocol driver; and
      
      re-enabling access to the section of computer code by replacing the blocking computer code with the patched section of computer code.

5. A computer system comprising:
- a plurality of networked computers each including,a media access control unit coupled to a physical transmission medium of the network to extract packets from data provided across the medium;
  
  a protocol driver coupled to the media access control unit; and
  
  filter code installed in between the media access control unit and the protocol driver and enabled without shutdown or restart to evaluate the packets and selectively allow continued transmission of different ones of the packets to the protocol driver.
- View Dependent Claims (6, 7, 8, 18, 19)
- - 6. The computer system of claim 5, wherein the install is performed using a patching technique.
  - 7. The computer system of claim 5, wherein each of the plurality computers includes a shared memory buffer between a user space that stores a security application and a system address space that stores the media access control unit, the protocol driver, and the filter code, wherein the filter code is coupled to the shared memory buffer to store information regarding packets received over the network, and wherein the security application is coupled to the shared memory buffer to evaluate information stored in the shared memory buffer.
  - 8. The computer system of claim 5, wherein the install is performed remotely from a host computer coupled to the network.
  - 18. The computer system of claim 5, further comprising a network driver interface, wherein the protocol driver is coupled to the media access control unit via the network driver interface, and wherein the filter code is installed such that the filter code is coupled to the network driver interface while the network driver interface is running.
  - 19. The computer system of claim 5, wherein the filter code is installed between the media access control unit and the protocol driver of each networked computer by:
    - storing a rerouting driver comprising the filter code in memory of the networked computer;
      
      disabling access to a section of computer code in a network driver interface coupled between the media access control unit and the protocol driver by overwriting computer code that is executed before the section of computer code with blocking computer code;
      
      patching the section of computer code without stopping complete operation of the network driver interface, the patching of the section of computer code comprising inserting a template jump from the network driver interface to a template in the rerouting driver, the template comprising new computer code for controlling communications, the template jump and the template enabling the rerouting driver to control communication between the media access control unit and the protocol driver; and
      
      re-enabling access to the section of computer code by replacing the blocking computer code with the patched section of computer code.

9. A computer implemented method comprising:
- distributing from a remote host across a network to a plurality of computers code to be installed by each of said plurality of computers, each of said plurality of computers comprising routines to be executed to provide a communication path between a media access control unit coupled to the network and a protocol driver, the communication path for packets transmitted across the network;
  
  transmitting from the remote host to each of the plurality of computers a command to cause each of the plurality of computers to execute the code; and
  
  each of the plurality of computers, responsive to the command, installing the code in the communication path between the media access control unit and the protocol driver, the installed code being enabled, without restart of the computer, to determine whether to allow continued transmission of different ones of the packets received over the network along the communication path.
- View Dependent Claims (10, 11, 12, 20, 21)
- - 10. The computer implemented method of claim 9, wherein the installing is performed using a patching technique.
  - 11. The computer implemented method of claim 9, wherein each of the plurality computers, responsive to the command, also forms a shared memory buffer between a system address space that stores the protocol driver and a user space that stores a security application, wherein the code is coupled to the shared memory buffer to store information regarding packets received over the network, wherein the application is coupled to the shared memory buffer to evaluate information stored in the shared memory buffer.
  - 12. The computer implemented method of claim 9, wherein the installing comprises installing the code in-between a network driver interface and the protocol driver.
  - 20. The computer implemented method of claim 9, wherein the code comprises a security filter.
  - 21. The computer implemented method of claim 9, wherein installing the code in the communication path between the media access control unit and the protocol driver comprises:
    - storing the code in memory;
      
      disabling access to a section of computer code in a network driver interface coupled between the media access control unit and the protocol driver by overwriting computer code that is executed before the section of computer code with blocking computer code;
      
      patching the section of computer code without stopping complete operation of the network driver interface, the patching of the section of computer code comprising inserting a template jump from the network driver interface to a template in the code, the template comprising new computer code for controlling communications, the template jump and the template enabling the code to control communication between the media access control unit and the protocol driver; and
      
      re-enabling access to the section of computer code by replacing the blocking computer code with the patched section of computer code.

13. A computer program product comprising:
- a computer-readable, tangible storage device;
  
  first program instructions for distributing from a remote host across a network to a plurality of computers code to be installed by each of the plurality of computers, each of the plurality of computers comprising routines to be executed to provide a communication path between a media access control unit coupled to the network and a protocol driver, the communication path for packets transmitted across the network; and
  
  second program instructions for transmitting from the remote host to each of the plurality of computers a command to cause each of the plurality of computers to execute the code; and
  
  each of the plurality of computers, responsive to the command, installing the code in the communication path between the media access control unit and the protocol driver, the installed code being enabled, without restart of the computer, to determine whether to allow continued transmission of different ones of the packets received over the network along the communication path,wherein the first and second program instructions are stored on the computer-readable, tangible storage device.
- View Dependent Claims (14, 15, 22, 23)
- - 14. The computer program product of claim 13, wherein the installing is performed using a patching technique.
  - 15. The computer program product of claim 13, wherein each of the plurality computers, responsive to the command, also forms a shared memory buffer between a system address space that stores the protocol driver and a user space that stores a security application, wherein the code is coupled to the shared memory buffer to store information regarding packets received over the network, wherein the application is coupled to the shared memory buffer to evaluate information stored in the shared memory buffer.
  - 22. The computer program product of claim 13, wherein the code comprises a security filter, and wherein the code is installed while the computer is running a network driver interface.
  - 23. The computer program product of claim 13, wherein installing the code in the communication path between the media access control unit and the protocol driver comprises:
    - storing the code in memory;
      
      disabling access to a section of computer code in a network driver interface coupled between the media access control unit and the protocol driver by overwriting computer code that is executed before the section of computer code with blocking computer code;
      
      patching the section of computer code without stopping complete operation of the network driver interface, the patching of the section of computer code comprising inserting a template jump from the network driver interface to a template in the code, the template comprising new computer code for controlling communications, the template jump and the template enabling the code to control communication between the media access control unit and the protocol driver; and
      
      re-enabling access to the section of computer code by replacing the blocking computer code with the patched section of computer code.

24. A computer program product comprising:
- a computer-readable, tangible storage device;
  
  first program instructions for receiving code at a computer from a network to be installed by the computer, the computer comprising routines to be executed to provide a communication path between a media access control unit coupled to the network and a protocol driver, the communication path for packets transmitted across the network; and
  
  second program instructions for receiving a command to cause each of the plurality of computers to execute the code; and
  
  third program instructions to, responsive to the command, install the code in the communication path between the media access control unit and the protocol driver, the installed code being enabled, without restart of the computer, to determine whether to allow continued transmission of different ones of the packets received over the network along the communication path,wherein the first, second, and third program instructions are stored on the computer-readable, tangible storage device.
- View Dependent Claims (25)
- - 25. The computer program product of claim 24, wherein the third program instructions to install the code between the media access control unit and the protocol driver comprises:
    - fourth program instructions for storing the code in memory;
      
      fifth program instructions for disabling access to a section of computer code in a network driver interface coupled between the media access control unit and the protocol driver by overwriting computer code that is executed before the section of computer code with blocking computer code;
      
      sixth program instructions for patching the section of computer code without stopping complete operation of the network driver interface, the patching of the section of computer code comprising inserting a template jump from the network driver interface to a template in the code, the template comprising new computer code for controlling communications, the template jump and the template enabling the code to control communication between the media access control unit and the protocol driver; and
      
      seventh program instructions for re-enabling access to the section of computer code by replacing the blocking computer code with the patched section of computer code,wherein the fourth, fifth, sixth, and seventh program instructions are stored on the computer-readable, tangible storage device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Lum, Clinton Edward
Primary Examiner(s)
Kendall; Chuck O

Application Number

US11/642,046
Publication Number

US 20070100936A1
Time in Patent Office

1,708 Days
Field of Search

None
US Class Current

717/177
CPC Class Codes

G06F 9/4411 Configuring for operating w...

H04L 67/34 involving the movement of s...

Method and apparatus for remote installation of network drivers and software

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

270 Citations

25 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for remote installation of network drivers and software

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

270 Citations

25 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others