CN102045251A - 路由器及tcp端口防御方法 - Google Patents
路由器及tcp端口防御方法 Download PDFInfo
- Publication number
- CN102045251A CN102045251A CN2009103084987A CN200910308498A CN102045251A CN 102045251 A CN102045251 A CN 102045251A CN 2009103084987 A CN2009103084987 A CN 2009103084987A CN 200910308498 A CN200910308498 A CN 200910308498A CN 102045251 A CN102045251 A CN 102045251A
- Authority
- CN
- China
- Prior art keywords
- tcp
- package
- remote computer
- computer
- local computer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/16—Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/16—Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
- H04L69/163—In-band adaptation of TCP data exchange; In-band control procedures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Claims (9)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2009103084987A CN102045251B (zh) | 2009-10-20 | 2009-10-20 | 路由器及tcp端口防御方法 |
US12/641,543 US20110093946A1 (en) | 2009-10-20 | 2009-12-18 | Router and method for protecting tcp ports utilizing the same |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2009103084987A CN102045251B (zh) | 2009-10-20 | 2009-10-20 | 路由器及tcp端口防御方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102045251A true CN102045251A (zh) | 2011-05-04 |
CN102045251B CN102045251B (zh) | 2012-08-22 |
Family
ID=43880295
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2009103084987A Expired - Fee Related CN102045251B (zh) | 2009-10-20 | 2009-10-20 | 路由器及tcp端口防御方法 |
Country Status (2)
Country | Link |
---|---|
US (1) | US20110093946A1 (zh) |
CN (1) | CN102045251B (zh) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103390148A (zh) * | 2012-05-10 | 2013-11-13 | 宏碁股份有限公司 | 使用条码图案的连线设定方法、系统及其使用者装置 |
WO2015027523A1 (zh) * | 2013-09-02 | 2015-03-05 | 北京东土科技股份有限公司 | 一种确定tcp端口扫描的方法及装置 |
CN113542310A (zh) * | 2021-09-17 | 2021-10-22 | 上海观安信息技术股份有限公司 | 一种网络扫描检测方法、装置及计算机存储介质 |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8578022B2 (en) * | 2011-01-19 | 2013-11-05 | Cisco Technology, Inc. | Adaptive idle timeout for TCP connections in ESTAB state |
CN103561048B (zh) * | 2013-09-02 | 2016-08-31 | 北京东土科技股份有限公司 | 一种确定tcp端口扫描的方法及装置 |
US10425473B1 (en) * | 2017-07-03 | 2019-09-24 | Pure Storage, Inc. | Stateful connection reset in a storage cluster with a stateless load balancer |
US10469367B2 (en) * | 2017-10-04 | 2019-11-05 | Cisco Technology, Inc. | Segment routing network processing of packets including operations signaling and processing of packets in manners providing processing and/or memory efficiencies |
US11023582B2 (en) * | 2018-12-19 | 2021-06-01 | EMC IP Holding Company LLC | Identification and control of malicious users on a data storage system |
Family Cites Families (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6725378B1 (en) * | 1998-04-15 | 2004-04-20 | Purdue Research Foundation | Network protection for denial of service attacks |
US6105067A (en) * | 1998-06-05 | 2000-08-15 | International Business Machines Corp. | Connection pool management for backend servers using common interface |
US6427161B1 (en) * | 1998-06-12 | 2002-07-30 | International Business Machines Corporation | Thread scheduling techniques for multithreaded servers |
US6487666B1 (en) * | 1999-01-15 | 2002-11-26 | Cisco Technology, Inc. | Intrusion detection signature analysis using regular expressions and logical operators |
US7043759B2 (en) * | 2000-09-07 | 2006-05-09 | Mazu Networks, Inc. | Architecture to thwart denial of service attacks |
US7301899B2 (en) * | 2001-01-31 | 2007-11-27 | Comverse Ltd. | Prevention of bandwidth congestion in a denial of service or other internet-based attack |
US7464410B1 (en) * | 2001-08-30 | 2008-12-09 | At&T Corp. | Protection against flooding of a server |
US7076803B2 (en) * | 2002-01-28 | 2006-07-11 | International Business Machines Corporation | Integrated intrusion detection services |
US7743415B2 (en) * | 2002-01-31 | 2010-06-22 | Riverbed Technology, Inc. | Denial of service attacks characterization |
US7114182B2 (en) * | 2002-05-31 | 2006-09-26 | Alcatel Canada Inc. | Statistical methods for detecting TCP SYN flood attacks |
US7234161B1 (en) * | 2002-12-31 | 2007-06-19 | Nvidia Corporation | Method and apparatus for deflecting flooding attacks |
US7404210B2 (en) * | 2003-08-25 | 2008-07-22 | Lucent Technologies Inc. | Method and apparatus for defending against distributed denial of service attacks on TCP servers by TCP stateless hogs |
US7490235B2 (en) * | 2004-10-08 | 2009-02-10 | International Business Machines Corporation | Offline analysis of packets |
US7584507B1 (en) * | 2005-07-29 | 2009-09-01 | Narus, Inc. | Architecture, systems and methods to detect efficiently DoS and DDoS attacks for large scale internet |
US20070143846A1 (en) * | 2005-12-21 | 2007-06-21 | Lu Hongqian K | System and method for detecting network-based attacks on electronic devices |
CN100588201C (zh) * | 2006-12-05 | 2010-02-03 | 苏州国华科技有限公司 | 一种针对DDoS攻击的防御方法 |
US7865954B1 (en) * | 2007-08-24 | 2011-01-04 | Louisiana Tech Research Foundation; A Division Of Louisiana Tech University Foundation, Inc. | Method to detect SYN flood attack |
CN101217429B (zh) * | 2008-01-18 | 2010-09-29 | 清华大学 | 基于tcp时间戳选项确定tcp报文之间的引发关系的方法 |
-
2009
- 2009-10-20 CN CN2009103084987A patent/CN102045251B/zh not_active Expired - Fee Related
- 2009-12-18 US US12/641,543 patent/US20110093946A1/en not_active Abandoned
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103390148A (zh) * | 2012-05-10 | 2013-11-13 | 宏碁股份有限公司 | 使用条码图案的连线设定方法、系统及其使用者装置 |
WO2015027523A1 (zh) * | 2013-09-02 | 2015-03-05 | 北京东土科技股份有限公司 | 一种确定tcp端口扫描的方法及装置 |
CN113542310A (zh) * | 2021-09-17 | 2021-10-22 | 上海观安信息技术股份有限公司 | 一种网络扫描检测方法、装置及计算机存储介质 |
Also Published As
Publication number | Publication date |
---|---|
CN102045251B (zh) | 2012-08-22 |
US20110093946A1 (en) | 2011-04-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102045251B (zh) | 路由器及tcp端口防御方法 | |
Wang et al. | Defending against denial-of-service attacks with puzzle auctions | |
CN1968074B (zh) | 网络封包串流仿真方法 | |
CN101390064B (zh) | 利用嵌入的认证信息防止网络重置拒绝服务攻击 | |
US7162740B2 (en) | Denial of service defense by proxy | |
CN106982108B (zh) | 一种数据传输的方法以及相关设备 | |
CN101729513B (zh) | 网络认证方法和装置 | |
US20120227088A1 (en) | Method for authenticating communication traffic, communication system and protective apparatus | |
CN101257450A (zh) | 网络安全防护方法、网关设备、客户端及网络系统 | |
US9860181B2 (en) | System and method for inferring traffic legitimacy through selective impairment | |
CN101636968A (zh) | 使用传输控制协议状态转换防止拒绝服务攻击的方法 | |
CN101175013A (zh) | 一种拒绝服务攻击防护方法、网络系统和代理服务器 | |
CN101426014B (zh) | 防止组播源攻击的方法及系统 | |
CN101378395A (zh) | 一种防止拒绝访问攻击的方法及装置 | |
Yang et al. | Matching tcp packets and its application to the detection of long connection chains on the internet | |
CN100420197C (zh) | 一种实现网络设备防攻击的方法 | |
CN111212096A (zh) | 一种降低idc防御成本的方法、装置、存储介质和计算机 | |
CN108449280B (zh) | 一种避免tcp报文乒乓的方法及装置 | |
CN106131036B (zh) | Cc攻击的处理方法、装置及终端 | |
CN108234595A (zh) | 日志传输方法及系统 | |
TWI397286B (zh) | 路由器及tcp埠防禦方法 | |
CN113179247B (zh) | 拒绝服务攻击防护方法、电子装置和存储介质 | |
Starnberger et al. | Using smart cards for tamper-proof timestamps on untrusted clients | |
Zeng et al. | Research on an effective approach against DDoS attacks | |
CN114124489B (zh) | 防止流量攻击的方法、清洗装置、设备和介质 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20180226 Address after: Shanghai City, Songjiang Export Processing Zone South Road No. 1925 Patentee after: Ambit Microsystems (Shanghai) Co., Ltd. Address before: 201613 Shanghai city south of Songjiang Export Processing Zone Road No. 1925 Co-patentee before: Hon Hai Precision Industry Co., Ltd. Patentee before: Ambit Microsystems (Shanghai) Co., Ltd. |
|
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20120822 Termination date: 20181020 |