首页>
外国专利>
TARGET-BASED SMB AND DCE/RPC PROCESSING FOR AN INTRUSION DETECTION SYSTEM OR INTRUSION PREVENTION SYSTEM
TARGET-BASED SMB AND DCE/RPC PROCESSING FOR AN INTRUSION DETECTION SYSTEM OR INTRUSION PREVENTION SYSTEM
展开▼
机译:入侵检测系统或入侵预防系统的基于目标的SMB和DCE / RPC处理
展开▼
页面导航
摘要
著录项
相似文献
摘要
A method performed in a processor of an intrusion detection/prevention system (IDS/IPS) checks for valid packets in an SMB named pipe in a communication network. In a processor configured as an IDS/IPS, a packet in a transmission is received and a kind of application of a target of the packet is determined. Also, the data in the packet is inspected by the IDS/IPS as part of the SMB named pipe on only one of a condition that: (a) the FID in an SMB command header of the packet is valid (i) for segments/fragments in the SMB named pipe and (ii) for the determined kind of application of the target of the packet, as indicated by a reassembly table, and (b) the determined kind of application of the target of the packet does not check the FID, as indicated by the reassembly table.
展开▼