DE602005021353D1 - Erweiterungen zur filterung von ipv6-kopfteilen - Google Patents

Erweiterungen zur filterung von ipv6-kopfteilen

Info

Publication number: DE602005021353D1
Authority: DE; Germany
Prior art keywords: firewall; network; additional information; send; expansions
Prior art date: 2004-05-25
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.): Active

Application number

DE602005021353T

Other languages

English (en)

Inventor

Frank Le

Stefano Faccin

Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)

Intellectual Ventures I LLC

Original Assignee

Spyder Navigations LLC

Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)

2004-05-25

Filing date

2005-05-23

Publication date

2010-07-01

2005-05-23 Application filed by Spyder Navigations LLC filed Critical Spyder Navigations LLC

2005-05-23 Priority claimed from PCT/IB2005/001401 external-priority patent/WO2005120010A1/en

2010-07-01 Publication of DE602005021353D1 publication Critical patent/DE602005021353D1/de

Status Active legal-status Critical Current

2025-05-24 Anticipated expiration legal-status Critical

Links

Classifications

- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0254—Stateful filtering
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/029—Firewall traversal, e.g. tunnelling or, creating pinholes

DE602005021353T 2004-05-25 2005-05-23 Erweiterungen zur filterung von ipv6-kopfteilen Active DE602005021353D1 (de)

Applications Claiming Priority (3)

Application Number	Priority Date	Filing Date	Title
US10/852,680 US20050268331A1 (en)	2004-05-25	2004-05-25	Extension to the firewall configuration protocols and features
US10/882,675 US20050268332A1 (en)	2004-05-25	2004-07-02	Extensions to filter on IPv6 header
PCT/IB2005/001401 WO2005120010A1 (en)	2004-05-25	2005-05-23	Extensions to filter on ipv6 header

Publications (1)

Publication Number	Publication Date
DE602005021353D1 true DE602005021353D1 (de)	2010-07-01

Family

ID=35426923

Family Applications (1)

Application Number	Title	Priority Date	Filing Date
DE602005021353T Active DE602005021353D1 (de)	2004-05-25	2005-05-23	Erweiterungen zur filterung von ipv6-kopfteilen

Country Status (4)

Country	Link
US (2)	US20050268331A1 (de)
AT (1)	ATE468693T1 (de)
DE (1)	DE602005021353D1 (de)
WO (1)	WO2005120008A1 (de)

Families Citing this family (42)

* Cited by examiner, † Cited by third party
Publication number	Priority date	Publication date	Assignee	Title
US7716742B1 (en)	2003-05-12	2010-05-11	Sourcefire, Inc.	Systems and methods for determining characteristics of a network and analyzing vulnerabilities
US7539681B2 (en)	2004-07-26	2009-05-26	Sourcefire, Inc.	Methods and systems for multi-pattern searching
US7496962B2 (en) *	2004-07-29	2009-02-24	Sourcefire, Inc.	Intrusion detection strategies for hypertext transport protocol
CN100414929C (zh) *	2005-03-15	2008-08-27	华为技术有限公司	一种移动互联网协议网络中的报文传送方法
CN100542171C (zh) *	2005-03-15	2009-09-16	华为技术有限公司	一种移动IPv6数据穿越状态防火墙的方法
CN100571196C (zh) *	2005-03-22	2009-12-16	华为技术有限公司	移动IPv6报文穿越防火墙的实现方法
KR100728277B1 (ko)	2005-05-17	2007-06-13	삼성전자주식회사	동적 네트워크 보안 시스템 및 방법
US7739728B1 (en) *	2005-05-20	2010-06-15	Avaya Inc.	End-to-end IP security
US8056124B2 (en)	2005-07-15	2011-11-08	Microsoft Corporation	Automatically generating rules for connection security
US8046833B2 (en)	2005-11-14	2011-10-25	Sourcefire, Inc.	Intrusion event correlation with network discovery information
US7733803B2 (en)	2005-11-14	2010-06-08	Sourcefire, Inc.	Systems and methods for modifying network map attributes
US7886351B2 (en) *	2006-06-19	2011-02-08	Microsoft Corporation	Network aware firewall
US7948988B2 (en)	2006-07-27	2011-05-24	Sourcefire, Inc.	Device, system and method for analysis of fragments in a fragment train
US7701945B2 (en)	2006-08-10	2010-04-20	Sourcefire, Inc.	Device, system and method for analysis of segments in a transmission control protocol (TCP) session
CA2672908A1 (en) *	2006-10-06	2008-04-17	Sourcefire, Inc.	Device, system and method for use of micro-policies in intrusion detection/prevention
KR100818307B1 (ko) *	2006-12-04	2008-04-01	한국전자통신연구원	ＩＰｖ６ 공격 패킷 탐지장치 및 방법
US8069352B2 (en)	2007-02-28	2011-11-29	Sourcefire, Inc.	Device, system and method for timestamp analysis of segments in a transmission control protocol (TCP) session
WO2008134057A1 (en)	2007-04-30	2008-11-06	Sourcefire, Inc.	Real-time awareness for a computer network
US8584227B2 (en) *	2007-05-09	2013-11-12	Microsoft Corporation	Firewall with policy hints
US8166534B2 (en)	2007-05-18	2012-04-24	Microsoft Corporation	Incorporating network connection security levels into firewall rules
US8266685B2 (en) *	2007-05-18	2012-09-11	Microsoft Corporation	Firewall installer
US8341723B2 (en) *	2007-06-28	2012-12-25	Microsoft Corporation	Filtering kernel-mode network communications
US8443433B2 (en) *	2007-06-28	2013-05-14	Microsoft Corporation	Determining a merged security policy for a computer system
US20090094691A1 (en) *	2007-10-03	2009-04-09	At&T Services Inc.	Intranet client protection service
US8474043B2 (en)	2008-04-17	2013-06-25	Sourcefire, Inc.	Speed and memory optimization of intrusion detection system (IDS) and intrusion prevention system (IPS) rule processing
US8739269B2 (en)	2008-08-07	2014-05-27	At&T Intellectual Property I, L.P.	Method and apparatus for providing security in an intranet network
US8272055B2 (en)	2008-10-08	2012-09-18	Sourcefire, Inc.	Target-based SMB and DCE/RPC processing for an intrusion detection system or intrusion prevention system
JP5809238B2 (ja)	2010-04-16	2015-11-10	シスコテクノロジー，インコーポレイテッド	準リアルタイムネットワーク攻撃検出のためのシステムおよび方法、ならびに検出ルーティングによる統合検出のためのシステムおよび方法
US8433790B2 (en)	2010-06-11	2013-04-30	Sourcefire, Inc.	System and method for assigning network blocks to sensors
US8671182B2 (en)	2010-06-22	2014-03-11	Sourcefire, Inc.	System and method for resolving operating system or service identity conflicts
US8776207B2 (en)	2011-02-16	2014-07-08	Fortinet, Inc.	Load balancing in a network with session information
US8601034B2 (en)	2011-03-11	2013-12-03	Sourcefire, Inc.	System and method for real time data awareness
CN103095511A (zh) *	2011-10-28	2013-05-08	华为技术有限公司	一种在IPsec机制下的网络测试方法，装置及系统
CN103685009B (zh) *	2012-08-31	2017-04-26	华为技术有限公司	数据包的处理方法、控制器及系统
CN104580078B (zh) *	2013-10-15	2018-04-17	北京神州泰岳软件股份有限公司	一种网络访问控制方法和系统
CN105635067B (zh) *	2014-11-04	2019-11-15	华为技术有限公司	报文发送方法及装置
DE102016205983A1 (de) *	2016-04-11	2017-10-12	Siemens Aktiengesellschaft	Anordnung zum Überprüfen von wenigstens einer Firewall-Einrichtung und Verfahren zum Schutz wenigstens eines Datenempfängers
EP3535895A1 (de) *	2016-12-19	2019-09-11	Huawei Technologies Co., Ltd.	Netzwerkknoten und client-vorrichtung zur messung von kanalstatusinformationen
CN108418776B (zh) *	2017-02-09	2021-08-20	上海诺基亚贝尔股份有限公司	用于提供安全业务的方法和设备
US10778578B2 (en) *	2017-08-31	2020-09-15	Konica Minolta Laboratory U.S.A., Inc.	Method and system having an application for IPv6 extension headers and destination options
US10999253B2 (en) *	2018-07-26	2021-05-04	Juniper Networks, Inc.	Maintaining internet protocol security tunnels
CN116346717A (zh) *	2020-06-02	2023-06-27	华为技术有限公司	一种确定处理能力的方法、节点和系统

Family Cites Families (28)

* Cited by examiner, † Cited by third party
Publication number	Priority date	Publication date	Assignee	Title
US5892903A (en) *	1996-09-12	1999-04-06	Internet Security Systems, Inc.	Method and apparatus for detecting and identifying security vulnerabilities in an open network computer communication system
FI105753B (fi) *	1997-12-31	2000-09-29	Ssh Comm Security Oy	Pakettien autentisointimenetelmä verkko-osoitemuutosten ja protokollamuunnosten läsnäollessa
US6327660B1 (en) *	1998-09-18	2001-12-04	Intel Corporation	Method for securing communications in a pre-boot environment
US6496935B1 (en) *	2000-03-02	2002-12-17	Check Point Software Technologies Ltd	System, device and method for rapid packet filtering and processing
US20050125532A1 (en) *	2000-05-26	2005-06-09	Gur Kimchi	Traversing firewalls and nats
US7181012B2 (en) *	2000-09-11	2007-02-20	Telefonaktiebolaget Lm Ericsson (Publ)	Secured map messages for telecommunications networks
US6950824B1 (en) *	2001-05-30	2005-09-27	Cryptek, Inc.	Virtual data labeling and policy manager system and method
FI20012338A0 (fi) *	2001-11-29	2001-11-29	Stonesoft Corp	Palomuuri tunneloitujen datapakettien suodattamiseksi
US7506058B2 (en) *	2001-12-28	2009-03-17	International Business Machines Corporation	Method for transmitting information across firewalls
US6973086B2 (en) *	2002-01-28	2005-12-06	Nokia Corporation	Method and system for securing mobile IPv6 home address option using ingress filtering
US7453851B2 (en) *	2002-06-20	2008-11-18	Spyder Navigations L.L.C.	QoS signaling for mobile IP
US7146638B2 (en) *	2002-06-27	2006-12-05	International Business Machines Corporation	Firewall protocol providing additional information
US7436804B2 (en) *	2002-09-18	2008-10-14	Qualcomm Incorporated	Methods and apparatus for using a Care of Address option
US20040098479A1 (en) *	2002-10-25	2004-05-20	General Instrument Corporation	Method for using different packet type and port options values in an IP measurement protocol packet from those used to process the packet
US7336620B2 (en) *	2002-10-25	2008-02-26	General Instrument Corporation	Method for enabling initiation of testing of network using IP measurement protocol packets
US7336621B2 (en) *	2002-10-25	2008-02-26	General Instrument Corporation	Method and apparatus for testing an IP network
US7894355B2 (en) *	2002-10-25	2011-02-22	General Instrument Corporation	Method for enabling non-predetermined testing of network using IP measurement protocol packets
US7434254B1 (en) *	2002-10-25	2008-10-07	Cisco Technology, Inc.	Method and apparatus for automatic filter generation and maintenance
US7266763B2 (en) *	2002-11-26	2007-09-04	Microsoft Corporation	User defined spreadsheet functions
US7209978B2 (en) *	2002-12-13	2007-04-24	Cisco Technology, Inc.	Arrangement in a router of a mobile network for optimizing use of messages carrying reverse routing headers
KR100886551B1 (ko) *	2003-02-21	2009-03-02	삼성전자주식회사	이동통신시스템에서 인터넷 프로토콜 버전에 따른 트래픽플로우 탬플릿 패킷 필터링 장치 및 방법
US7774593B2 (en) *	2003-04-24	2010-08-10	Panasonic Corporation	Encrypted packet, processing device, method, program, and program recording medium
US7509673B2 (en) *	2003-06-06	2009-03-24	Microsoft Corporation	Multi-layered firewall architecture
US7409707B2 (en) *	2003-06-06	2008-08-05	Microsoft Corporation	Method for managing network filter based policies
US7260840B2 (en) *	2003-06-06	2007-08-21	Microsoft Corporation	Multi-layer based method for implementing network firewalls
US7308711B2 (en) *	2003-06-06	2007-12-11	Microsoft Corporation	Method and framework for integrating a plurality of network policies
US20040268123A1 (en) *	2003-06-27	2004-12-30	Nokia Corporation	Security for protocol traversal
US20040268124A1 (en) *	2003-06-27	2004-12-30	Nokia Corporation, Espoo, Finland	Systems and methods for creating and maintaining a centralized key store

2004
- 2004-05-25 US US10/852,680 patent/US20050268331A1/en not_active Abandoned
- 2004-07-02 US US10/882,675 patent/US20050268332A1/en not_active Abandoned
2005
- 2005-05-03 WO PCT/IB2005/001205 patent/WO2005120008A1/en active Application Filing
- 2005-05-23 AT AT05746269T patent/ATE468693T1/de not_active IP Right Cessation
- 2005-05-23 DE DE602005021353T patent/DE602005021353D1/de active Active

Also Published As

Publication number	Publication date
ATE468693T1 (de)	2010-06-15
WO2005120008A1 (en)	2005-12-15
US20050268332A1 (en)	2005-12-01
US20050268331A1 (en)	2005-12-01

Legal Events

Date	Code	Title	Description
2011-06-09	8364	No opposition during term of opposition

Publication	Publication Date	Title
DE602005021353D1 (de)	2010-07-01	Erweiterungen zur filterung von ipv6-kopfteilen
WO2006115919A3 (en)	2007-11-01	System and method for developing and using trusted policy based on a social model
WO2003058411A1 (fr)	2003-07-17	Procede d'administration de contenu et systeme d'administration de contenu et systeme d'administration de contenu
WO2005104416A3 (en)	2007-08-16	Rights management inter-entity message policies and enforcement
DE60112817D1 (de)	2005-09-22	Verfahren und system zum behandeln von netzwerkstau
DE60331446D1 (de)	2010-04-08	System und verfahren für kommunikationsdienstportabilität
CA2480455A1 (en)	2003-10-23	System and method for detecting an infective element in a network environment
WO2007016478A3 (en)	2009-04-16	Network security systems and methods
ATE273591T1 (de)	2004-08-15	Prüfung der konfiguration einer firewall
ATE519323T1 (de)	2011-08-15	Sicherung von ldap (lightweight directory access protocol) verkehr
ATE348472T1 (de)	2007-01-15	Verfahren und system zur regelassoziation in kommunikationsnetzen
ATE477540T1 (de)	2010-08-15	Vorrichtung und verfahren zur paketweiterleitung
WO2006122091A3 (en)	2009-04-30	Cascading security architecture
MY150011A (en)	2013-11-15	Software vulnerability exploitation shield
AU2003218381A1 (en)	2003-10-13	End-to-end protection of media stream encryption keys for voice-over-ip systems
GB0510784D0 (en)	2005-06-29	System and method for managing computer networks
ATE453277T1 (de)	2010-01-15	Verfahren und vorrichtung zum übertragen von vertraulichkeitseinschränkungen unterzogenen daten
WO2005084252A3 (en)	2009-04-02	System, method and client user interface for a copy protection service
BR0209478A (pt)	2004-07-06	Sistemas e métodos de segurança de aplicativos móveis
PH12019000409A1 (en)	2021-03-01	Security system for controlling internet of things network access
EP1176786A3 (de)	2004-06-30	Integrierte Informations- und Kommunikationssystem
CN101340275B (zh)	2010-10-20	数据卡及其数据处理和传输方法
NO20040989L (no)	2004-09-27	Fremgangsmate for a overvake flyt av mobilbruktrafikk.
GB2423392B (en)	2007-04-04	Methods and system for replicating and securing process control data
JP2009044320A (ja)	2009-02-26	ファイル転送装置及びファイル転送方法