JPH09266475A - Address information management equipment and network system - Google Patents
Address information management equipment and network systemInfo
- Publication number
- JPH09266475A JPH09266475A JP8073601A JP7360196A JPH09266475A JP H09266475 A JPH09266475 A JP H09266475A JP 8073601 A JP8073601 A JP 8073601A JP 7360196 A JP7360196 A JP 7360196A JP H09266475 A JPH09266475 A JP H09266475A
- Authority
- JP
- Japan
- Prior art keywords
- address
- packet
- request
- request source
- information management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
【0001】[0001]
【発明の属する技術分野】本発明はアドレス情報管理装
置およびネットワークシステムに関する。BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an address information management device and a network system.
【0002】[0002]
【従来の技術】ネットワークを介してネットワーク端末
間で通信を行う場合、通信先のアドレスが必要になる。
通信先のアドレスを取得する方法として、Domain Nam
e System(DNS)プロトコルやATM Forum のL
AN Emulation などでは、ネットワーク端末のアドレ
ス情報のテーブルを持っているサーバに問い合わせを行
う方式が用いられている。2. Description of the Related Art When communicating between network terminals via a network, the address of the communication destination is required.
As a method to acquire the address of the communication destination, Domain Nam
e System (DNS) protocol and ATM Forum L
In AN Emulation and the like, a method of making an inquiry to a server having a table of address information of network terminals is used.
【0003】この方式では、不正な使用者にアドレス情
報が知られることを防ぐために、要求元のアドレスや要
求メッセージの内容を検査し、アドレス情報を通知すべ
きか否かを決定する方法が一般的に用いられている(例
えば「インターネット接続でのファイアウォールセキュ
リティ管理技術」ソフトバンク発行の33ページ)。In this method, in order to prevent the address information from being known to an unauthorized user, a method of inspecting the address of the request source and the contents of the request message and deciding whether or not to notify the address information is generally used. (For example, "Firewall Security Management Technology for Internet Connection", SoftBank, page 33).
【0004】[0004]
【発明が解決しようとする課題】従来の方法では、不正
な要求元に対してアドレス情報を通知することは防げる
が、アドレス情報の取得が失敗したことが不正な使用者
にもわかってしまう。このため不正な使用者は要求メッ
セージ内のパラメータを次々に変えて何度も要求を繰り
返すことができ、この繰り返しにより正しいパラメータ
が発見されれば、不正な使用者がアドレス情報を取得す
ることが可能になってしまう。また、正しいパラメータ
が発見できない場合でも、不正な使用者による要求を処
理するための負荷がアドレス情報管理装置にかかり、正
規の使用者の処理が遅くなるなどの問題が生じる恐れが
ある。さらに、不正な要求を拒否するだけでは、その要
求元がどこであるかその意図は何であるかといったこと
がわからなくなってしまうという問題がある。According to the conventional method, it is possible to prevent the address information from being notified to an unauthorized request source, but an unauthorized user will know that the acquisition of the address information has failed. Therefore, an unauthorized user can change the parameters in the request message one after another and repeat the request many times. If the correct parameter is found by this repetition, the unauthorized user can obtain the address information. It will be possible. Further, even if the correct parameter cannot be found, a load for processing a request by an unauthorized user is imposed on the address information management device, which may cause a problem such as a delay in processing by a legitimate user. Further, there is a problem in that it is impossible to know where the requester is and what the intention is, just by rejecting the unauthorized request.
【0005】本発明の目的は、正常なアドレスに見せか
けた別のアドレスを不正な使用者に通知することで、不
正な使用者が正しいアドレスを取得することを防ぎ、か
つアドレス情報管理装置の処理を軽減し、さらに不正な
使用者からのアクセスを記録する方法およびそれを用い
たアドレス情報管理方式を提供することにある。It is an object of the present invention to notify an unauthorized user of another address that looks like a normal address, thereby preventing the unauthorized user from acquiring a correct address, and processing by the address information management device. Another object of the present invention is to provide a method for recording access from unauthorized users and an address information management method using the method.
【0006】[0006]
【課題を解決するための手段】上記の目的を達成するた
め、本発明のアドレス情報管理装置は、アドレステーブ
ル、通信手段、認証手段を含む構成とする。通信手段に
より受信したメッセージは認証手段により検査され、正
規の使用者である場合はアドレステーブル中の必要な情
報を通知し、不正な使用者に対してはあらかじめ指定さ
れたアドレスを通知する。In order to achieve the above object, the address information management device of the present invention is configured to include an address table, a communication means, and an authentication means. The message received by the communication means is inspected by the authentication means, and when the user is a legitimate user, the necessary information in the address table is notified, and the unauthorized user is notified of the designated address.
【0007】本発明によれば、認証手段により不正な要
求元からのメッセージと判断された要求に対しては、あ
らかじめ指定されたアドレスを通知するため、要求元で
はアドレス取得が成功したか失敗したかを判断できな
い。不正な要求元に通知するアドレスとして、重要な情
報を持たず誰がアクセスしても差し支えない端末のアド
レスを用意しておけば、不正な使用者に重要な情報を渡
すことを防げ、かつ正しいアドレスの取得が失敗したこ
とを知られることもない。According to the present invention, in response to a request judged to be a message from an unauthorized request source by the authentication means, the address designated in advance is notified, so that the request source succeeds or fails in address acquisition. I can't judge. If you prepare the address of a terminal that does not have important information and can be accessed by anyone as an address to notify an unauthorized requester, you can prevent passing important information to an unauthorized user and correct address You never know that your acquisition has failed.
【0008】また本発明で、不正な要求元に通知するア
ドレスを通信内容の記録を取る機能を持つ端末のアドレ
スとすることにより、不正なアクセスの記録を残し要求
元の特定作業などを支援することが可能になる。Further, in the present invention, the address to be notified to the unauthorized request source is set as the address of the terminal having the function of recording the communication contents, and the record of the unauthorized access is left to assist the identification work of the request source. It will be possible.
【0009】[0009]
【発明の実施の形態】次に、本発明の各実施例について
説明する。図1は本発明によるアドレス情報管理方式の
第1実施例のネットワークシステムである。この図はA
TM(Asynchronous Transfer Mode)ネットワークに
より相互に接続された端末間で、ATM Forum標準の
LAN Emulation を用いて通信を行うネットワークシ
ステムを示している。BEST MODE FOR CARRYING OUT THE INVENTION Next, each embodiment of the present invention will be described. FIG. 1 shows a network system of a first embodiment of an address information management system according to the present invention. This figure is A
1 shows a network system in which terminals mutually connected by a TM (Asynchronous Transfer Mode) network communicate with each other by using LAN Emulation of the ATM Forum standard.
【0010】図1のLECS(LAN Emulation Con
figuration Server)は本発明によるアドレス情報管理
装置1の一つの実施例である。図2に内部のソフトウェ
ア構造を示す。図2に於けるATMインターフェースド
ライバはATMネットワークで通信を行う通信手段21
であり、パケット検査部はパケットの内容に基づいて要
求元を識別する認証手段22、LESテーブルはLES
(LAN EmulationServer)2のアドレスを登録して
あるアドレステーブル23、LECSプロトコル処理部
は要求元に対してLES2のアドレスを回答するアドレ
ス通知手段24である。The LECS (LAN Emulation Con) of FIG.
figuration Server) is one embodiment of the address information management device 1 according to the present invention. FIG. 2 shows the internal software structure. The ATM interface driver in FIG. 2 is a communication means 21 for communicating on the ATM network.
The packet inspecting unit identifies the request source based on the contents of the packet, and the LES table is the LES.
The address table 23 in which the address of (LAN Emulation Server) 2 is registered, and the LECS protocol processing unit are the address notification means 24 for replying the address of the LES 2 to the request source.
【0011】ATMインターフェースドライバ21はL
ES2のアドレスを要求するパケットを受信すると、パ
ケット検査部22へとそのパケットを渡す。パケット検
査部22ではパケットのSOURCE−LAN−DES
TINATIONフィールド309およびSOURCE
−ATM−ADDRESSフィールド311(図3参
照)に格納されている要求元のアドレスと、ELAN−
NAMEフィールド317の内容を検査し、あらかじめ
設定されている値の範囲に合致した場合に有効、そうで
ない場合に不正な要求であると判定し、判定結果をパケ
ットとともにLECSプロトコル処理部24へ通知す
る。LECSプロトコル処理部24では判定結果が有効
だった場合にはLESテーブル23を検索し、LES2
のアドレスを含んだアドレス通知パケットを作ってAT
Mインターフェースドライバ21を介して要求元へと通
知する。判定結果が不正だった場合、侵入対策用端末1
1(図1)のアドレスを含んだアドレス通知パケットを
ATMインターフェースドライバ21を介して要求元へ
通知する。The ATM interface driver 21 is L
When the packet requesting the address of ES2 is received, the packet is passed to the packet inspection unit 22. In the packet inspection unit 22, the SOURCE-LAN-DES of the packet
TINATION field 309 and SOURCE
-The request source address stored in the ATM-ADDRESS field 311 (see FIG. 3) and the ELAN-
The contents of the NAME field 317 are inspected, it is determined that the request is valid if it matches with the preset value range, otherwise it is determined to be an invalid request, and the determination result is notified to the LECS protocol processing unit 24 together with the packet. . When the determination result is valid, the LECS protocol processing unit 24 searches the LES table 23 and
Create an address notification packet containing the address of AT
The request source is notified via the M interface driver 21. If the judgment result is incorrect, the intrusion prevention terminal 1
The address notification packet including the address 1 (FIG. 1) is notified to the request source via the ATM interface driver 21.
【0012】図1のネットワークシステムに於いて、不
正な要求元12がLECS1に対してLES2のアドレ
スを要求した場合のシーケンスを図4にそって説明す
る。まず、不正な要求元12がLECS1に対してLE
S2のアドレスを要求する(401)。LECS1は要
求パケットの発信元アドレス等の検査から、この要求が
不正な使用者によるものであると判断し(402)、L
ES2ではなく侵入対策用端末11のアドレスを通知す
る(403)。不正な要求元12は通知されたアドレス
(侵入対策用端末11のアドレス)に対して接続を試み
(404)許可される(405)。In the network system of FIG. 1, a sequence in the case where the unauthorized request source 12 requests the address of LES2 to LECS1 will be described with reference to FIG. First, the unauthorized request source 12 sends LE to LECS1.
The address of S2 is requested (401). The LECS 1 judges from the inspection of the source address and the like of the request packet that this request is made by an unauthorized user (402), and L
Not the ES2 but the address of the intrusion countermeasure terminal 11 is notified (403). The unauthorized request source 12 attempts connection (404) to the notified address (address of the intrusion countermeasure terminal 11) and is permitted (405).
【0013】この例における侵入対策用端末11は、L
ES2と同等の機能を有し、LES2と同じように動作
するが、正規の使用者からのアクセスは行われないよう
に設定してある。また、侵入対策用端末11には、重要
な情報、例えば、他のLEC(LAN Emulation Cli
ent)13、14、15のアドレスなど、は入れないでお
く。不正な要求元12では接続相手がLES2だと考
え、情報の要求を行う(406)が、侵入対策用端末1
1には該当する情報がないので、情報無しという回答
(407)しか得られない。The intrusion countermeasure terminal 11 in this example is L
It has the same function as ES2 and operates in the same way as LES2, but is set so that it cannot be accessed by an authorized user. In addition, important information such as other LEC (LAN Emulation CLI) is stored in the intrusion prevention terminal 11.
ent) 13, 14, 15 addresses, etc. are not entered. The unauthorized request source 12 thinks that the connection partner is LES2, and requests information (406), but the intrusion countermeasure terminal 1
Since 1 has no corresponding information, only the answer (407) that there is no information can be obtained.
【0014】以上のように、本実施例のネットワークシ
ステムでは不正な要求に対してLECS1が侵入対策用
端末11のアドレスを通知するため、要求が認められた
か拒否されたかが不正な要求元には判断がつかない。ま
た、不正なアクセスの対象となる侵入対策用端末11に
は重要な情報がないため、不正な使用者が何らかの重要
な情報を入手することを防げる。As described above, in the network system of this embodiment, the LECS 1 notifies the address of the intrusion countermeasure terminal 11 in response to an illegal request, so it is judged to the unauthorized request source whether the request is accepted or rejected. I can't get it. Further, since there is no important information in the intrusion countermeasure terminal 11 that is the target of unauthorized access, it is possible to prevent an unauthorized user from obtaining some important information.
【0015】図5に本発明によるアドレス情報管理方式
の第2実施例であるネットワークシステムを示す。この
ネットワークシステムでは、各端末がDNSネームサー
バ51に問い合わせを行うことで通信先端末のアドレス
を得て通信を行う。FIG. 5 shows a network system which is a second embodiment of the address information management system according to the present invention. In this network system, each terminal obtains the address of the communication destination terminal by making an inquiry to the DNS name server 51 to perform communication.
【0016】図5のDNSネームサーバ51は本発明に
よるアドレス情報管理装置の一つの実施例である。図6
にDNSネームサーバ51のソフトウェア構造を示す。
通信プロトコル処理部61はネットワークにパケットを
送受信する通信手段、ソースアドレス検査部62はパケ
ットの送信元アドレスを検査して、正規の要求元である
か不正な要求元であるかを判断する認証手段、DNSプ
ロトコル処理部63は要求パケットが正規の要求元であ
る場合にアドレスを通知するアドレス通知手段であり、
ホストテーブル64はネットワークシステムに接続され
ている各端末54、55、56のアドレスが登録されて
いるアドレステーブルである。The DNS name server 51 shown in FIG. 5 is an embodiment of the address information management device according to the present invention. FIG.
The software structure of the DNS name server 51 is shown in FIG.
The communication protocol processing unit 61 is a communication unit that sends and receives packets to and from the network, and the source address inspection unit 62 is an authentication unit that inspects the source address of the packet and determines whether it is a legitimate request source or an unauthorized request source. , The DNS protocol processing unit 63 is an address notifying means for notifying an address when the request packet is a legitimate request source,
The host table 64 is an address table in which the addresses of the terminals 54, 55, 56 connected to the network system are registered.
【0017】DNSプロトコル処理部63は正規の使用
者54、55、56に対してはホストテーブル64を検
索して結果を通知し、不正な要求元52に対しては通信
記録用端末53のアドレスを通知する。不正な要求元5
2は通知されたアドレス(通信記録用端末53のアドレ
ス)に対して通信を行う。通信記録用端末53は受信し
たパケットの内容を記録する機能を持つ。通信記録用端
末53は不正な要求元52からの通信に対して通信プロ
トコルの規定に沿って応答を返すが、重要なデータを内
部に持たないため、不正な使用者がデータを入手するこ
とはない。パケット内容の記録は、要求元のアドレス割
り出しや使用者の目的の解析などに有効である。The DNS protocol processing unit 63 searches the host table 64 for the legitimate users 54, 55, 56 and notifies the result, and the address of the communication recording terminal 53 for the unauthorized request source 52. To notify. Illegal request source 5
2 communicates with the notified address (address of the communication recording terminal 53). The communication recording terminal 53 has a function of recording the content of the received packet. The communication recording terminal 53 returns a response to the communication from the unauthorized request source 52 according to the regulation of the communication protocol, but since it does not have important data inside, an unauthorized user cannot obtain the data. Absent. The recording of packet contents is effective for determining the address of the request source and analyzing the purpose of the user.
【0018】以上のように本実施例では不正な要求元5
2に通知するアドレスを通信記録機能を持つ端末のアド
レスにすることで、不正な要求元52との通信記録を残
し、要求元のアドレス割り出しなどの解析が行えるとい
う特徴がある。As described above, in this embodiment, the illegal request source 5
By setting the address notified to 2 to the address of the terminal having the communication recording function, the communication record with the unauthorized request source 52 is left, and the analysis such as the address determination of the request source can be performed.
【0019】[0019]
【発明の効果】本発明のアドレス情報管理装置およびそ
れを用いたネットワークシステムによれば、不正な要求
元に対してあらかじめ用意したアドレスを通知すること
で、情報の要求を拒否したことを知られること無しに重
要な情報を渡さないアドレス情報管理ができる。また、
通知するアドレスを通信記録機能を持つ端末のアドレス
とすることで、不正な要求元からの通信内容を記録し、
要求元のアドレスやアクセスの意図を解析するためのデ
ータを残すことが可能になる。According to the address information management apparatus and the network system using the same of the present invention, it is known that the request for information is rejected by notifying an unauthorized request source of the prepared address. It is possible to manage address information without passing important information. Also,
By recording the address to be notified as the address of the terminal with the communication recording function, the communication content from the unauthorized request source is recorded,
It becomes possible to leave data for analyzing the request source address and access intention.
【図1】本発明によるネットワークシステムの第1実施
例の説明図。FIG. 1 is an explanatory diagram of a first embodiment of a network system according to the present invention.
【図2】本発明によるアドレス情報管理装置のソフトウ
ェアの説明図。FIG. 2 is an explanatory diagram of software of the address information management device according to the present invention.
【図3】アドレス要求パケットのフォーマットの説明
図。FIG. 3 is an explanatory diagram of a format of an address request packet.
【図4】不正なアドレス要求に対する動作シーケンスの
説明図。FIG. 4 is an explanatory diagram of an operation sequence for an unauthorized address request.
【図5】本発明によるネットワークシステムの第2実施
例の説明図。FIG. 5 is an explanatory diagram of a second embodiment of the network system according to the present invention.
【図6】DNSネームサーバのブロック図。FIG. 6 is a block diagram of a DNS name server.
1…アドレス情報管理装置、 11…侵入対策用端末、 12…不正な要求元、 21…通信手段、 22…認証手段、 23…アドレステーブル、 24…アドレス通知手段。 DESCRIPTION OF SYMBOLS 1 ... Address information management device, 11 ... Intrusion countermeasure terminal, 12 ... Unauthorized request source, 21 ... Communication means, 22 ... Authentication means, 23 ... Address table, 24 ... Address notification means.
Claims (4)
ネットワーク端末装置のアドレスを保持するアドレステ
ーブルと、前記ネットワークを介して通信する通信手段
と、前記通信手段により受信した要求メッセージに応じ
て前記アドレステーブルに登録されたアドレスから適当
なものを選択し前記通信手段を介して通知するアドレス
通知手段と、前記通信手段により受信した要求メッセー
ジの内容及び要求元アドレスから要求元が正規の使用者
であるか不正な使用者であるかを識別する認証手段とを
含み、前記ネットワークを介して任意のネットワーク端
末のアドレスの通知を要求されたとき、要求元が前記認
証手段で不正な使用者であると識別された場合、前記ア
ドレス通知手段が通知するアドレスが本来通知すべきア
ドレスとは異なるあらかじめ指定したアドレスであるこ
とを特徴とするアドレス情報管理装置。1. An address table holding addresses of one or more network terminal devices connected to a network, communication means for communicating via the network, and the address according to a request message received by the communication means. An address notifying means for selecting an appropriate address from the addresses registered in the table and notifying through the communication means, and the request source from the content and request source address of the request message received by the communication means is a legitimate user. And an authentication means for identifying whether the user is an unauthorized user, and when a request is made to notify the address of an arbitrary network terminal via the network, the request source is an unauthorized user by the authentication means. If identified, the address notified by the address notification means is different from the address to be originally notified. Address information management apparatus, characterized in that the Luo beforehand specified address.
であると識別した場合に前記アドレス通知手段が通知す
るアドレスが、不正な使用者がアドレスを要求したネッ
トワーク端末の動作を模倣する機能を有するネットワー
ク端末のアドレスである請求項1に記載のアドレス情報
管理装置。2. A function in which the address notified by the address notifying unit when the authentication unit identifies that the request source is an unauthorized user imitates the operation of a network terminal requested by the unauthorized user. The address information management device according to claim 1, wherein the address information management device is an address of a network terminal having the address.
であると識別した場合に前記アドレス通知手段が通知す
るアドレスが、通信内容や端末に対する操作の記録をと
るトレース手段と前記トレース手段により記録された内
容を保持する記憶手段とを有するネットワーク端末のア
ドレスである請求項1または請求項2に記載のアドレス
情報管理装置。3. An address notified by the address notifying unit when the requesting source is identified by the authenticating unit as an unauthorized user by the tracing unit and the tracing unit for recording the contents of communication and the operation on the terminal. The address information management device according to claim 1 or 2, which is an address of a network terminal having a storage unit for holding the recorded contents.
と、前記トレース手段と前記記憶手段を有するネットワ
ーク端末を用いて不正な要求元からの通信を記録するネ
ットワークシステム。4. A network system for recording communication from an unauthorized request source using the address information management device according to claim 3 and a network terminal having the trace means and the storage means.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP8073601A JPH09266475A (en) | 1996-03-28 | 1996-03-28 | Address information management equipment and network system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP8073601A JPH09266475A (en) | 1996-03-28 | 1996-03-28 | Address information management equipment and network system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| JPH09266475A true JPH09266475A (en) | 1997-10-07 |
Family
ID=13523018
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| JP8073601A Pending JPH09266475A (en) | 1996-03-28 | 1996-03-28 | Address information management equipment and network system |
Country Status (1)
| Country | Link |
|---|---|
| JP (1) | JPH09266475A (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2000261483A (en) * | 1999-03-09 | 2000-09-22 | Hitachi Ltd | Network monitoring system |
| JP2001203762A (en) * | 2000-01-21 | 2001-07-27 | Nec Corp | Dns server filter |
| JP2003527793A (en) * | 1999-11-29 | 2003-09-16 | フォアスカウト テクノロジース インコポレーテッド | Method for automatic intrusion detection and deflection in a network |
| JP2007334411A (en) * | 2006-06-12 | 2007-12-27 | Fuji Xerox Co Ltd | Control program and communication system |
| US7565432B2 (en) | 2001-04-02 | 2009-07-21 | Microsoft Corporation | Peer-to-peer name resolution protocol (PNRP) and multilevel cache for use therewith |
| US7817647B2 (en) | 2005-04-22 | 2010-10-19 | Microsoft Corporation | Flower-petal resolutions for PNRP |
| JP2011205641A (en) * | 2000-04-26 | 2011-10-13 | Virnet X Inc | Improvement to agile network protocol for secure communication with assured system availability |
| US8843643B2 (en) | 1998-10-30 | 2014-09-23 | Virnetx, Inc. | System and method employing an agile network protocol for secure communications using secure domain names |
| US8874771B2 (en) | 1998-10-30 | 2014-10-28 | Virnetx, Inc. | Agile network protocol for secure communications with assured system availability |
| US8943201B2 (en) | 1998-10-30 | 2015-01-27 | Virnetx, Inc. | Method for establishing encrypted channel |
| US9860283B2 (en) | 1998-10-30 | 2018-01-02 | Virnetx, Inc. | Agile network protocol for secure video communications with assured system availability |
| US10511573B2 (en) | 1998-10-30 | 2019-12-17 | Virnetx, Inc. | Agile network protocol for secure communications using secure domain names |
-
1996
- 1996-03-28 JP JP8073601A patent/JPH09266475A/en active Pending
Cited By (30)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9374346B2 (en) | 1998-10-30 | 2016-06-21 | Virnetx, Inc. | Agile network protocol for secure communications using secure domain names |
| US9386000B2 (en) | 1998-10-30 | 2016-07-05 | Virnetx, Inc. | System and method for establishing a communication link |
| US9038163B2 (en) | 1998-10-30 | 2015-05-19 | Virnetx, Inc. | Systems and methods for connecting network devices over communication network |
| US9027115B2 (en) | 1998-10-30 | 2015-05-05 | Virnetx, Inc. | System and method for using a registered name to connect network devices with a link that uses encryption |
| US10187387B2 (en) | 1998-10-30 | 2019-01-22 | Virnetx, Inc. | Method for establishing connection between devices |
| US9967240B2 (en) | 1998-10-30 | 2018-05-08 | Virnetx, Inc. | Agile network protocol for secure communications using secure domain names |
| US9860283B2 (en) | 1998-10-30 | 2018-01-02 | Virnetx, Inc. | Agile network protocol for secure video communications with assured system availability |
| US9819649B2 (en) | 1998-10-30 | 2017-11-14 | Virnetx, Inc. | System and method employing an agile network protocol for secure communications using secure domain names |
| US8843643B2 (en) | 1998-10-30 | 2014-09-23 | Virnetx, Inc. | System and method employing an agile network protocol for secure communications using secure domain names |
| US8850009B2 (en) | 1998-10-30 | 2014-09-30 | Virnetx, Inc. | System and method employing an agile network protocol for secure communications using secure domain names |
| US8868705B2 (en) | 1998-10-30 | 2014-10-21 | Virnetx, Inc. | Agile network protocol for secure communications using secure domain names |
| US8874771B2 (en) | 1998-10-30 | 2014-10-28 | Virnetx, Inc. | Agile network protocol for secure communications with assured system availability |
| US8904516B2 (en) | 1998-10-30 | 2014-12-02 | Virnetx, Inc. | System and method employing an agile network protocol for secure communications using secure domain names |
| US8943201B2 (en) | 1998-10-30 | 2015-01-27 | Virnetx, Inc. | Method for establishing encrypted channel |
| US10511573B2 (en) | 1998-10-30 | 2019-12-17 | Virnetx, Inc. | Agile network protocol for secure communications using secure domain names |
| US9479426B2 (en) | 1998-10-30 | 2016-10-25 | Virnetz, Inc. | Agile network protocol for secure communications with assured system availability |
| US9037713B2 (en) | 1998-10-30 | 2015-05-19 | Virnetx, Inc. | Agile network protocol for secure communications using secure domain names |
| US9077694B2 (en) | 1998-10-30 | 2015-07-07 | Virnetx, Inc. | Agile network protocol for secure communications using secure domain names |
| US9077695B2 (en) | 1998-10-30 | 2015-07-07 | Virnetx, Inc. | System and method for establishing an encrypted communication link based on IP address lookup requests |
| US9094399B2 (en) | 1998-10-30 | 2015-07-28 | Virnetx, Inc. | Method for establishing secure communication link between computers of virtual private network |
| US9100375B2 (en) | 1998-10-30 | 2015-08-04 | Virnetx, Inc. | System and method employing an agile network protocol for secure communications using secure domain names |
| US9413766B2 (en) | 1998-10-30 | 2016-08-09 | Virnetx, Inc. | Method for establishing connection between devices |
| JP2000261483A (en) * | 1999-03-09 | 2000-09-22 | Hitachi Ltd | Network monitoring system |
| JP2003527793A (en) * | 1999-11-29 | 2003-09-16 | フォアスカウト テクノロジース インコポレーテッド | Method for automatic intrusion detection and deflection in a network |
| JP2001203762A (en) * | 2000-01-21 | 2001-07-27 | Nec Corp | Dns server filter |
| JP2011205641A (en) * | 2000-04-26 | 2011-10-13 | Virnet X Inc | Improvement to agile network protocol for secure communication with assured system availability |
| US7962651B2 (en) | 2001-04-02 | 2011-06-14 | Microsoft Corporation | Peer-to-peer name resolution protocol (PNRP) and multilevel cache for use therewith |
| US7565432B2 (en) | 2001-04-02 | 2009-07-21 | Microsoft Corporation | Peer-to-peer name resolution protocol (PNRP) and multilevel cache for use therewith |
| US7817647B2 (en) | 2005-04-22 | 2010-10-19 | Microsoft Corporation | Flower-petal resolutions for PNRP |
| JP2007334411A (en) * | 2006-06-12 | 2007-12-27 | Fuji Xerox Co Ltd | Control program and communication system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8082578B2 (en) | Intelligent firewall | |
| CN111586025B (en) | SDN-based SDP security group implementation method and security system | |
| CN111131310B (en) | Access control method, device, system, computer device and storage medium | |
| US5892903A (en) | Method and apparatus for detecting and identifying security vulnerabilities in an open network computer communication system | |
| US7100201B2 (en) | Undetectable firewall | |
| US8935748B2 (en) | Secure DNS query | |
| US7895319B2 (en) | Variable DNS responses based on client identity | |
| US7234157B2 (en) | Remote authentication caching on a trusted client or gateway system | |
| US8392963B2 (en) | Techniques for tracking actual users in web application security systems | |
| US8181237B2 (en) | Method for improving security of computer networks | |
| US20020042883A1 (en) | Method and system for controlling access by clients to servers over an internet protocol network | |
| JP2003529254A (en) | Internet / network security method and system for checking customer security from a remote device | |
| KR20000054538A (en) | System and method for intrusion detection in network and it's readable record medium by computer | |
| US7660995B2 (en) | Access control system, authentication server, application server, and packet transmission device | |
| CN110971569A (en) | Network access authority management method and device and computing equipment | |
| CN114598540A (en) | Access control system, method, device and storage medium | |
| JP2002508121A (en) | Method and apparatus for a communication system | |
| JPH09266475A (en) | Address information management equipment and network system | |
| CN112311722B (en) | Access control method, device, equipment and computer readable storage medium | |
| JP2004062417A (en) | Certification server device, server device and gateway device | |
| JP2002297543A (en) | Detection device of unauthorized login | |
| CN111405548A (en) | Detection method and device for fishing wifi | |
| CN115883574A (en) | Access equipment identification method and device in industrial control network | |
| CN117938413A (en) | Equipment network access control method, device, equipment and medium | |
| JP2001148715A (en) | Network system and terminal device |