首页> 外国专利> TARGET-BASED SMB AND DCE/RPC PROCESSING FOR AN INTRUSION DETECTION SYSTEM OR INTRUSION PREVENTION SYSTEM

TARGET-BASED SMB AND DCE/RPC PROCESSING FOR AN INTRUSION DETECTION SYSTEM OR INTRUSION PREVENTION SYSTEM

机译：入侵检测系统或入侵预防系统的基于目标的SMB和DCE / RPC处理

页面导航

摘要
著录项
相似文献

摘要

A method performed in a processor of an intrusion detection/prevention system (IDS/IPS) checks for valid packets in an SMB named pipe in a communication network. In a processor configured as an IDS/IPS, a packet in a transmission is received and a kind of application of a target of the packet is determined. Also, the data in the packet is inspected by the IDS/IPS as part of the SMB named pipe on only one of a condition that: (a) the FID in an SMB command header of the packet is valid (i) for segments/fragments in the SMB named pipe and (ii) for the determined kind of application of the target of the packet, as indicated by a reassembly table, and (b) the determined kind of application of the target of the packet does not check the FID, as indicated by the reassembly table.

机译：在入侵检测/防御系统（IDS / IPS）的处理器中执行的方法检查通信网络中SMB命名管道中的有效数据包。在配置为IDS / IPS的处理器中，接收传输中的分组，并确定该分组的目标的应用类型。同样，仅在以下情况之一的情况下，作为SMB命名管道的一部分，由IDS / IPS检查数据包中的数据：（a）数据包的SMB命令标头中的FID有效（i）对于段/ SMB命名管道中的片段和（ii）重组表所指示的确定的数据包目标的应用类型，以及（b）确定的数据包目标的应用程序的类型不检查FID ，如重组表所示。

著录项

公开/公告号US2015237060A1

专利类型
公开/公告日2015-08-20

原文格式PDF
申请/专利权人 CISCO TECHNOLOGY INC.;
展开▼

申请/专利号US201514706383
发明设计人 KENNETH TODD WEASE;
展开▼

申请日2015-05-07
分类号H04L29/06;
国家 US
入库时间 2022-08-21 15:26:58

相似文献

专利
外文文献
中文文献