会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 9. 发明授权
    • Methods for inspecting security certificates by network security devices to detect and prevent the use of invalid certificates
    • 网络安全设备检查安全证书以检测和防止使用无效证书的方法
    • US08850576B2
    • 2014-09-30
    • US13411567
    • 2012-03-04
    • Guy GuznerAmi HavivDanny LieblichYahav Gal
    • Guy GuznerAmi HavivDanny LieblichYahav Gal
    • H04L29/06H04L9/32
    • H04L63/0823H04L9/3268H04L63/1408
    • Disclosed are methods and media for inspecting security certificates. Methods include the steps of: scanning, by a network security device, messages of a security protocol between a server and a client system; detecting the messages having a security certificate; detecting suspicious security certificates from the messages; and aborting particular sessions of the security protocol associated with the suspicious certificates. Preferably, the step of scanning is performed only on messages of server certificate records. Preferably, the method further includes the step of sending an invalid-certificate notice to the server and the client system. Preferably, the step of detecting the suspicious certificates includes detecting a use of an incorrectly-generated private key for the certificates. Preferably, the step of detecting the suspicious certificates includes detecting an unavailability of revocation information for the certificates. Preferably, the step of detecting the suspicious certificates includes detecting a use of an invalid cryptographic algorithm for the certificates.
    • 披露了检查安全证书的方法和媒体。 方法包括以下步骤:由网络安全设备扫描服务器和客户端系统之间的安全协议的消息; 检测具有安全证书的消息; 从消息中检测可疑安全证书; 并中止与可疑证书相关联的安全协议的特定会话。 优选地,仅对服务器证书记录的消息执行扫描步骤。 优选地,该方法还包括向服务器和客户端系统发送无效证书通知的步骤。 优选地,检测可疑证书的步骤包括检测证书的使用不正确生成的私钥。 优选地,检测可疑证书的步骤包括检测证书的撤销信息的不可用性。 优选地,检测可疑证书的步骤包括检测对证书的无效加密算法的使用。
    • 10. 发明授权
    • Penalty box for mitigation of denial-of-service attacks
    • 减轻拒绝服务攻击的惩罚方案
    • US08844019B2
    • 2014-09-23
    • US13682754
    • 2012-11-21
    • Check Point Software Technologies Ltd.
    • Ofer BarkaiDorit DorTamir Zegman
    • H04L29/06
    • H04L63/0281H04L63/0227H04L63/1425H04L63/1458
    • A security gateway of a computer network receives incoming packets at one or more network interfaces. One or more security functions are applied to the packets. Reports of security function violations are recorded. The reports include the source addresses of the packets, the times that the packets were received, and descriptions of the violations. The descriptions include weights, and if the sum of the weights, for packets of a common source address that are received within a first time interval, exceeds a threshold, subsequent packets from that source address are dropped. Alternatively, in a “monitor only” mode, the common source address is logged but packets are not dropped. Optionally, encrypted packets and/or packets received at some network interfaces but not at other network interfaces are not dropped.
    • 计算机网络的安全网关在一个或多个网络接口处接收传入的分组。 一个或多个安全功能被应用于分组。 记录安全功能违规的报告。 这些报告包括报文的源地址,接收报文的时间以及违规的描述。 描述包括权重,并且如果在第一时间间隔内接收到的公共源地址的分组的权重之和超过阈值,则来自该源地址的后续分组被丢弃。 或者,在“仅监视”模式下,记录公共源地址,但不会丢弃数据包。 可选地,在一些网络接口而不是在其他网络接口处接收到的加密分组和/或分组不被丢弃。