Method of preventing syn flood and router equipment

A flood attack, router technology, applied in the direction of digital transmission system, data exchange network, electrical components, etc., can solve the problems of exhaustion of server resources, affecting servers, consuming server resources, etc., to improve utilization, save resources, improve safety effect

Active Publication Date: 2008-04-16
ANHUI WANTONG POSTS & TELECOMM CO LTD
View PDF0 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The syn flood attack mainly sends multiple syn requests to the server, but after the server returns a syn\ack response packet, it does not respond to the syn-ack request initiated by the server to achieve the purpose of consuming server resources, resulti

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method of preventing syn flood and router equipment
  • Method of preventing syn flood and router equipment
  • Method of preventing syn flood and router equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0040] In order to solve the disadvantages of the traditional technical solution, the present invention further elaborates a method for preventing syn flood attack when establishing a TCP connection through the following specific examples. Limitations of Invention.

[0041] According to the present invention, the router equipment uses the router simulation server to respond to the link request of the client computer, and the main steps are as follows:

[0042] first step, such as figure 2 As shown, it is a schematic diagram of work under the monitoring mode in the embodiment of the present invention; under normal circumstances, it is in the monitoring mode, and the syn message sent by the client computer is received to directly search for the route and send it;

[0043] The second step is to enter the interception mode when the number of semi-links exceeds the proxy waterline;

[0044] In the monitoring mode, in order to achieve the maximum forwarding efficiency, the router...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a router device, which are used for keeping away the flood attack of a syn when a TCP link is established. The method comprises that an agent water line and an attack water line is set; when the number of the half link exceeds the agent water line, the establishment of the TCP link is proceeded by the router instead of a server on the router device; after the TCP link is established, the TCP link is initiated to the server by the router instead of a client server; when the number of the half link reaches up to the attack water line, after a syn message is received, the half link with the longest existence time is aged and a time of retransmit-overtime is shortened; until the number of the half link is pushed out of the water line number, a normal work pattern is reentered. The invention realizes the response of the TCP link which is initiated to the client server by an agent server, which greatly saved resource and improves the use ratio of resource. And the effect of improving the security of the equipment is achieved.

Description

technical field [0001] The invention relates to a method for preventing syn flood attack when establishing TCP connection on router equipment, and also relates to a router equipment preventing syn flood attack when establishing TCP connection on router equipment. Background technique [0002] With the continuous development of broadband access technology, people are increasingly inseparable from the information and service platforms brought by the network, but the greater the dependence on the network, the higher the requirements for network security. [0003] In the current situation, denial of service attacks have become the main means of hacker attacks, and most of the targets of this attack are www servers. This service is based on the TCP protocol. For the services of the TCP protocol, syn flooding (syn flood ) attack is difficult to prevent. Currently syn flooding has become the most popular denial of service attack. [0004] A normal TCP connection requires a three-...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/24H04L29/06
Inventor 郎熙顾颖杰
Owner ANHUI WANTONG POSTS & TELECOMM CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap