首页> 外国专利> Method and apparatus for detecting port scans with fake source address

Method and apparatus for detecting port scans with fake source address

机译：一种检测虚假源地址的端口扫描的方法及装置

页面导航

摘要
著录项
相似文献

摘要

A computer implemented method, apparatus, and computer program product for port scan protection. A reply data packet having a modified transmission control protocol header is generated to form a modified reply data packet, in response to detecting a port scan. The modified reply data packet will elicit a response from a recipient of the modified data packet. The reply data packet is sent to a first Internet protocol address associated with the port scan. A second Internet protocol address is identified from a header of the response to the modified reply data packet. The second Internet protocol address is an actual Internet protocol address of a source of the port scan. All network traffic from the second Internet protocol address may be blocked to prevent an attack on any open ports from the source of the port scan.

机译：一种用于端口扫描保护的计算机实现的方法，装置和计算机程序产品。响应于检测到端口扫描，生成具有修改的传输控制协议报头的答复数据分组以形成修改的答复数据分组。修改后的答复数据包将引起修改后数据包的接收者的响应。答复数据包被发送到与端口扫描关联的第一Internet协议地址。从对修改后的答复数据包的响应的标头中标识第二个Internet协议地址。第二互联网协议地址是端口扫描源的实际互联网协议地址。可能会阻止来自第二个Internet协议地址的所有网络流量，以防止端口扫描源对任何打开的端口进行攻击。

著录项

公开/公告号US7962957B2

专利类型
公开/公告日2011-06-14

原文格式PDF
申请/专利权人 SUSANN MARIE KEOHANE;GERALD FRANCIS MCBREARTY;SHAWN PATRICK MULLEN;JESSICA CAROL MURILLO;JOHNNY MENG-HAN SHIEH;
展开▼

申请/专利号US20070738547
发明设计人 JOHNNY MENG-HAN SHIEH;SUSANN MARIE KEOHANE;GERALD FRANCIS MCBREARTY;JESSICA CAROL MURILLO;SHAWN PATRICK MULLEN;
展开▼

申请日2007-04-23
分类号G06F21/00;
国家 US
入库时间 2022-08-21 18:09:53

相似文献

专利
外文文献
中文文献