Methods, systems, and products for intrusion detection
First Claim
Patent Images
1. A system, comprising:
- a host computer system;
a peripheral card coupled to the host computer system, the peripheral card comprising a first interface to a first communications network and a second interface to a second communications network, the first interface comprising a first wireless communications portion and a processor managing the first wireless communications portion, the first wireless communications portion coupled to an antenna and configured for one-way communication to wirelessly receive data packets from the first communications network, the first wireless communications portion lacking a configuration to transmit data to the first communications network, the second interface interfacing with the second communications network; and
memory coupled to the peripheral card, the peripheral card storing the data packets in the memory, the peripheral card inspecting a header portion and a payload portion of each data packet and comparing the header portion and the payload portion to a set of rules stored in the memory; and
if the header portion and the payload portion satisfy the set of rules, then the peripheral card ignores a data packet, and if the header portion and the payload portion fail to satisfy the set of rules, then a failure signifies an intrusion event,wherein the first interface of the peripheral card reduces intrusion of the first communications network by preventing a download of the data packets from the first communications network and the second communications network.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, systems, and products are disclosed for detecting an intrusion to a communications network. One embodiment describes a system for detecting intrusions. The system has a peripheral card coupled to a host computer system. The peripheral card has a communications portion and a processor managing the communications portion. The communications portion has only a capability for receiving data packets via a communications network. The communications portion lacks capability of transmitting the data packets via the communications network. The communications portion of the peripheral card reduces intrusion of the communications network.
229 Citations
18 Claims
-
1. A system, comprising:
-
a host computer system; a peripheral card coupled to the host computer system, the peripheral card comprising a first interface to a first communications network and a second interface to a second communications network, the first interface comprising a first wireless communications portion and a processor managing the first wireless communications portion, the first wireless communications portion coupled to an antenna and configured for one-way communication to wirelessly receive data packets from the first communications network, the first wireless communications portion lacking a configuration to transmit data to the first communications network, the second interface interfacing with the second communications network; and memory coupled to the peripheral card, the peripheral card storing the data packets in the memory, the peripheral card inspecting a header portion and a payload portion of each data packet and comparing the header portion and the payload portion to a set of rules stored in the memory; and if the header portion and the payload portion satisfy the set of rules, then the peripheral card ignores a data packet, and if the header portion and the payload portion fail to satisfy the set of rules, then a failure signifies an intrusion event, wherein the first interface of the peripheral card reduces intrusion of the first communications network by preventing a download of the data packets from the first communications network and the second communications network. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method, comprising:
-
coupling a host computer system to a peripheral card that comprises a first interface to a first communications network and a second interface to a second communications network, the first interface comprising a first wireless communications portion and a processor managing the communications portion, the first wireless communications portion configured for one-way communication to wirelessly receive data packets from the first communications network and lacking a configuration to transmit data to the first communications network; wirelessly receiving the data packets at an antenna coupled to the first wireless communications portion, the antenna wirelessly receiving the data packets from the first communications network; coupling the peripheral card to memory and storing the data packets in the memory; inspecting a header portion and a payload portion of each data packet and comparing the header portion and the payload portion to a set of rules stored in the memory; ignoring a data packet when the header portion and the payload portion satisfy the set of rules; and failing the data packet when the header portion and the payload portion fail to satisfy the set of rules, a failure signifying an intrusion event, wherein the first interface of the peripheral card reduces intrusion of the first communications network by preventing a download of the data packets from the first communications network and the second communications network. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer program product storing processor executable instructions for performing a method, the method comprising:
-
coupling a host computer system to a peripheral card comprising a first interface to a first communications network and a second interface to a second communications network, the first interface comprising a first wireless communications portion and a processor managing the first wireless communications portion, the first wireless communications portion configured for one-way communication to wirelessly receive data packets from the first communications network, the first wireless communications portion lacking a configuration to transmit data to the first communications network; wirelessly receiving the data packets at an antenna coupled to the first wireless communications portion, the antenna wirelessly receiving the data packets from the first communications network; coupling the peripheral card to memory and storing the data packets in the memory; inspecting a header portion and a payload portion of each data packet and comparing the header portion and the payload portion to a set of rules stored in the memory; ignoring a received data packet when the header portion and the payload portion satisfy the set of rules; and failing a data packet when the header portion and the payload portion fail to satisfy the set of rules, a failure signifying an intrusion event, wherein the first interface of the peripheral card reduces intrusion of the first communications network by preventing a download of the data packets from the first communications network and the second communications network. - View Dependent Claims (16, 17, 18)
-
Specification