Method for implementing black sheet

A blacklist and purpose technology, applied in the field of port-based blacklist implementation, to achieve the effect of enhancing flexibility and effectiveness

Active Publication Date: 2006-12-06
HUAWEI TECH CO LTD
View PDF0 Cites 25 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0010] However, the existing blacklist technology, once added to the blacklist, is effective for all ports
In addition, blacklists cannot fully identify valid attacks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for implementing black sheet
  • Method for implementing black sheet
  • Method for implementing black sheet

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] Preferred embodiments of the present invention are described in detail below.

[0028] as attached figure 2 As shown, the present invention provides a port-level blacklist implementation technology, so that the addition of the dynamic blacklist takes the port as the unit, and the port is the scope of the blacklist, which can avoid the blacklist scope caused by address spoofing or other attacks. Expansion, affecting the use of normal users.

[0029] as attached image 3 As shown, the present invention provides a method for implementing a blacklist, which includes the steps of: A, receiving a message from a port of the system, parsing and obtaining the source IP address of the message; B, detecting whether the source IP address belongs to The blacklist of the port. When it is determined that the port belongs to the blacklist of the port, the message is discarded.

[0030] Blacklist can have multiple establishment methods, for example, also includes step before describ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The method comprises: a) receiving message from one port of system, and analyzing the received message to get its source IP address; b) checking said source IP address to decide if it is in the blacklist of said port; if yes, discarding said message. Taking port as the scope of influence of blacklist can avoid an expanding of blacklist scope caused by the address cheating or other attack, which can influence normal operation of users; the user in blacklist is not limited to visit a trusted site in which the access privilege has been set; the visit to a dedicated network from a privilege user can be implemented by setting a privilege rule.

Description

technical field [0001] The invention relates to a method for realizing network message shielding, in particular to a method for realizing port-based blacklist. Background technique [0002] For security reasons, routers or firewall devices need to filter data packets and configure a series of rules to determine what data packets can pass through. These rules are defined by access control lists (ACL, Access Control List). The access control list is a series of sequential rules composed of "allow" and "deny" statements, which are described according to the source address, destination address, port number, etc. of the data packet. ACL classifies data packets through these rules, which are applied to the interface of the device, and the device judges which data packets can be received and which data packets need to be rejected according to these rules. [0003] Blacklist refers to a method of filtering according to the source IP address of the message, which can realize the fil...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/56H04L29/06
Inventor 张鹏
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap