Method and device for processing TCP connection

A TCP connection processing method, applied in the field of communication, that solves problems such as the lack of TCP state detection capability and achieves the effect of defending against SYN-FLOOD attacks and preventing intrusions

Inactive Publication Date: 2009-09-30
RUIJIE NETWORKS CO LTD

AI Technical Summary

Problems solved by technology

However, after the SYN agent bridges the connection between the client and the server, it does not have the abil



Examples


Embodiment 1

[0049] In this embodiment, a preset TCP state transition table is used to monitor the connection state. The table gives, for each current state of the TCP connection, the new state the connection enters when a message of a given type is received from a given source; the source can be the client or the server. When a message is received, the TCP state transition table is queried according to the current state of the TCP connection and the source and type of the received message to determine the new state of the TCP connection, and whether the received message is legal is determined according to the new state.

[0050] Each TCP state in the TCP state transition table is defined as follows:

[0051] Table 1

[0052] NONE(sNO): The TCP connection is in a connectionless state.

SYN_ACKED(sSA): The firewall has received the first SYN packet from the client, and has sent the ...

Embodiment 2

[0164] The processing device of the TCP connection in this embodiment, as shown in Figure 7, includes:

[0165] A receiving module 701, configured to receive a message sent by a client or a server;

[0166] The SYN agent module 702, configured to: when the current state of the Transmission Control Protocol (TCP) connection is the NONE state or the CLOSE state, if the receiving module receives the first synchronization (SYN) message sent by the client, reply to the client with a first synchronization acknowledgement (SYNACK) message and make the TCP connection enter the SYN_ACKED state; when the current state of the TCP connection is the SYN_ACKED state, if the receiving module receives the first acknowledgement (ACK) message sent by the client to confirm the first SYNACK message, send a second SYN message to the server in the name of the client and make the TCP connection enter the SYN_FWED state; the current state of the TCP con...
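The table lookup of paragraph [0049] and the two SYN agent transitions of paragraph [0166], as an added example that is not code from the patent. It models only the states and transitions the page names; the action codes, the identifiers, and the choice to drop an illegal message while leaving the state unchanged are assumptions.

```c
#include <stdio.h>

/* States named on the page. Later states are cut off there and are not modelled.
   S_INVALID is 0 so that every table cell not listed below means "illegal". */
enum state  { S_INVALID = 0, S_NONE, S_SYN_ACKED, S_SYN_FWED, S_CLOSE, S_COUNT };
enum source { FROM_CLIENT, FROM_SERVER, SRC_COUNT };
enum mtype  { M_SYN, M_SYNACK, M_ACK, M_COUNT };
/* Hypothetical action codes for what the proxy does on a legal message. */
enum action { A_DROP = 0, A_REPLY_SYNACK, A_SEND_SYN_TO_SERVER };

struct entry { enum state next; enum action act; };
struct conn  { enum state st; };

/* Transition table indexed by [current state][source][message type]. */
static const struct entry table[S_COUNT][SRC_COUNT][M_COUNT] = {
    [S_NONE][FROM_CLIENT][M_SYN]      = { S_SYN_ACKED, A_REPLY_SYNACK },
    [S_CLOSE][FROM_CLIENT][M_SYN]     = { S_SYN_ACKED, A_REPLY_SYNACK },
    [S_SYN_ACKED][FROM_CLIENT][M_ACK] = { S_SYN_FWED,  A_SEND_SYN_TO_SERVER },
};

/* Look up the message; a legal one advances the state and returns its action.
   Assumption: an illegal one is dropped and leaves the state unchanged. */
enum action on_message(struct conn *c, enum source src, enum mtype t)
{
    if ((unsigned)c->st >= S_COUNT || (unsigned)src >= SRC_COUNT ||
        (unsigned)t >= M_COUNT)
        return A_DROP;
    struct entry e = table[c->st][src][t];
    if (e.next == S_INVALID)
        return A_DROP;
    c->st = e.next;
    return e.act;
}

int main(void)
{
    struct conn c = { S_NONE };
    /* Constructed sequence: SYN, a stray server SYNACK, then the client's ACK. */
    printf("%d\n", on_message(&c, FROM_CLIENT, M_SYN));    /* reply SYNACK */
    printf("%d\n", on_message(&c, FROM_SERVER, M_SYNACK)); /* illegal here */
    printf("%d\n", on_message(&c, FROM_CLIENT, M_ACK));    /* SYN to server */
    return 0;
}
```

Because the server only sees a SYN after the client has acknowledged the proxy's SYNACK, a SYN that is never followed by that ACK leaves the connection in SYN_ACKED and produces no traffic toward the server.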



Abstract

An embodiment of the invention relates to the field of communication technology, and especially to a method and a device for processing a TCP connection. The technical scheme provided by the embodiment of the invention uses a SYN proxy to establish the TCP connection, thereby guaranteeing that the connection to the server is a legal connection, so that SYN-FLOOD attacks can be prevented effectively. Furthermore, in each state of the TCP connection, whether a received message is legal can be determined according to the preset legal messages that can be received in that state, thereby preventing intrusions.

Description

Technical field

[0001] The present invention relates to the technical field of communication, and in particular to a method and device for processing a TCP (Transmission Control Protocol) connection.

Background technique

[0002] Communication protocols are either connection-oriented or connectionless. Which one applies depends on whether the message sender needs to contact the receiver to maintain a dialog (connection-oriented), or sends the message without any prior contact (connectionless) and expects the receiver to receive everything in order. These two methods correspond to two ways to realize communication on the network.

[0003] In a connection-oriented approach, the network is responsible for sending packets sequentially and detecting losses and collisions in a reliable manner. This method is used by "reliable" transport protocols.

[0004] In the connectionless approach, the network only needs to send packets to the receiving point, a...


Application Information

IPC(8): H04L29/06, H04L12/56
Inventor 黄凯明
Owner RUIJIE NETWORKS CO LTD