Method for solving port scanning and attack rejection in NAT environment

A technology for port scanning and attack rejection in a NAT environment, applied in the fields of data exchange through path configuration, digital transmission systems, electrical components, etc. It addresses the problem that other hosts cannot forward packets normally, with the effect of preventing port scanning, rejecting attacks, and mitigating attacks.
CN1635747A · Inactive · Publication Date: 2005-07-06 · 上海艾泰科技有限公司

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Applications (China)
Current Assignee / Owner: 上海艾泰科技有限公司
Publication Date: 2005-07-06
Estimated Expiration: Not applicable · inactive patent

Abstract

This invention relates to a method for handling port scanning and rejecting attacks. The method comprises: initializing the NAPT table; setting a minimum value for the number of connections a host connected to the router is permitted; and setting a maximum value for the number of connections a host connected to the router is permitted. If the host's number of connections is less than the minimum, the router establishes the requested connection; if it is greater than the maximum, the router refuses the connection request; if it is greater than or equal to the minimum and less than or equal to the maximum, the router establishes or refuses the host's request according to a probability. The invention can accommodate current NAT traffic and reduce DDoS attacks.
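The admission rule in the abstract, sketched as an added example (not code from the patent). The per-host count is the number of entries the host holds in a NAPT table keyed by source IP, source port, destination IP, destination port and protocol. The acceptance ramp between the two thresholds, the class and function names, and the sample addresses are assumptions, since the page gives no probability formula.

```python
import random
from collections import defaultdict

class NaptAdmission:
    """Decides whether a host may add another entry to the NAPT table."""

    def __init__(self, min_conn, max_conn, seed=None):
        if not 0 <= min_conn <= max_conn:
            raise ValueError("need 0 <= min_conn <= max_conn")
        self.min_conn, self.max_conn = min_conn, max_conn
        self.rng = random.Random(seed)
        self.table = defaultdict(set)  # source IP -> that host's NAPT entries

    def accept_probability(self, count):
        """Chance of admitting a new entry for a host that already has `count`."""
        if count < self.min_conn:
            return 1.0                      # below the minimum: always establish
        if count > self.max_conn:
            return 0.0                      # above the maximum: always refuse
        # Assumed ramp (the page gives no formula): falls as count nears max_conn.
        return (self.max_conn + 1 - count) / (self.max_conn - self.min_conn + 2)

    def request(self, src_ip, src_port, dst_ip, dst_port, proto):
        """Return True if the packet has, or is granted, a NAPT entry."""
        key = (src_ip, src_port, dst_ip, dst_port, proto)
        entries = self.table[src_ip]
        if key in entries:                  # existing flow: keep translating
            return True
        if self.rng.random() < self.accept_probability(len(entries)):
            entries.add(key)
            return True
        return False

    def release(self, src_ip, src_port, dst_ip, dst_port, proto):
        """Drop an entry when the flow closes or times out."""
        self.table[src_ip].discard((src_ip, src_port, dst_ip, dst_port, proto))


def simulate(min_conn=100, max_conn=200, seed=1):
    """Constructed traffic: one host sweeps 5000 ports, another opens 20 flows."""
    nat = NaptAdmission(min_conn, max_conn, seed)
    for port in range(1, 5001):             # scanner: one new flow per port
        nat.request("192.168.1.50", 40000 + port, "203.0.113.9", port, "tcp")
    ok = sum(nat.request("192.168.1.20", 50000 + i, "198.51.100.7", 443, "tcp")
             for i in range(20))
    return len(nat.table["192.168.1.50"]), ok


if __name__ == "__main__":
    print(simulate())
```

Because the count is kept per source host, the sweeping host is capped near the maximum while the second host, which stays under the minimum, has every flow translated.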

Description

Technical field

[0001] The invention relates to a method for solving port scanning and rejecting attacks in a router, in particular to a method for solving port scanning and rejecting attacks in a NAT environment.

Background technique

[0002] As is well known, because of the shortage of IPv4 address space, the IETF proposed adopting IP NAT (IP Network Address Translation, RFC 2663) to solve the problem of an insufficient number of IP addresses.

[0003] In a NAT environment, however, the router uses a NAPT (Network Address Port Translation) table to record the information needed for NAT packet translation. This NAPT table contains the host's source IP address (Source IP Address), source port number (Source Port Number), the destination IP address (Destination IP Address), the destination port number (Destination Port Number), the protocol number (Protocol ID), the converted address (Global IP Address), etc. Because of NAT conversion, a converted address theoretically has only 65536 ports, and the I...
