 Dynamic caches with miss tables |
| The following Detailed Description will begin with a conceptual overview of the invention and will ... |
|
| Type-based selection of rules for semantically disambiguating words |
| The invention addresses problems that arise with the previous techniques of Segond et al. and Dini ... |
|
| Supplemental diagnostic and services resource planning for mobile systems |
| OF THE INVENTION The system and method integrate several well-known technologies via an ... |
|
| System for generating prescribed duration audio and/or video sequences |
| The present invention is directed toward a system for compiling a sequence of data blocks for ... |
|
| Object-oriented data processing system with transactional adapter |
| Thus, the prior art has not, on the one hand, provided general concurrency control of operations in ... |
|
| Control of commercial processes |
| The discussion below presents an arrangement that integrates a number of business process tools to ... |
|
| Method and apparatus for implementing a web page diary |
| The present invention allows a user to create a "diary" containing multimedia references to W... |
|
| On-line educational system for display of educational materials |
| A first apparatus for providing a course-level message center for use with an on-line educational ... |
|
|
Computer security using virus probing
| Details |
Inventors: Grosse, Eric;
Assignee: Lucent Technologies Inc. (Murray Hill, NJ)
Primary Examiner: Wiley; David A.
Assistant Examiner:
Attorney, Agent or Firm: Dinella; Donald P.
A technique for determining whether particular clients within a computer network are universally configured in accordance with the desired network security features of the computer network. A probe is randomly inserted within incoming files, e.g., at a firewall in the computer network. The probe is configured as a function of a particular execution task, e.g. a known virus, such that in a properly configured client the probe will not execute and the firewall does not detect a security breach. However, if the client is misconfigured, i.e., not in compliance with the standard network security features, the probe will execute and trigger an alarm in the firewall indicating that the client is vulnerable to a security breach. Advantageously, a network security administrator can take appropriate action to correct those clients which are misconfigured. |
|
DETAILED DESCRIPTION The present invention provides a technique for determining whether particular clients within a computer network are universally configured in accordance with the desired security features of the computer network.
In accordance with the invention, a probe is randomly inserted within incoming files in the computer network.
Illustratively, the insertion of probes occurs in a firewall which separates the computer network from other networks.
The probe, in accordance with an embodiment of the invention, is configured as a function of a particular execution task, e.
g.
a known virus, such that in a properly configured client the probe will not execute and the firewall does not detect a security breach.
However, if the client is misconfigured, i.
e.
, is not in compliance with the standard network security measures, the probe will execute and trigger a security alert in the firewall indicating that the client is vulnerable to a security breach.
Advantageously, a network security administrator can take appropriate action to correct those clients which are misconfigured.
In preferred embodiments of the invention, the probe is configured as a virus probe in the form of a trojan horse which, if executed, on a client will launch a signal back to the firewall indicating that the client is misconfigured.
In further embodiments of the invention, the signal back to the firewall is a User Datagram Protocol ("UDP") packet.
In accordance, with a further embodiment of the invention, the virus probe is inserted upon a first Internet access from a particular IP address or browser type, and thereafter virus probes are inserted at random intervals.
|
| Related patents |
|
|
Fast virus scanning using session stamping
The above-mentioned shortcomings, disadvantages and problems are addressed by the present invention, which will be understood by reading and studying the following ...
|
|
|
Method and apparatus for increasing virus detection speed using a database
The foregoing and other problems are overcome and the objects of the invention are realized by methods and apparatus in accordance with embodiments of this invention. T...
|
|
|
Displaying multiple document abstracts in a single hyperlinked abstract, and their modified source documents
OF PREFERRED EMBODIMENTS Preferred embodiments of the present invention will be explained below with reference to the drawings. At first, terms used in the following ...
|
|
|
Optimization of simulation run-times based on fuzzy-controlled input values
The present inventions provides a method and apparatus for optimally adjusting simulation run-times based on the effects of outside forces that are impossible to ...
|
|
|
Forecasting contest
The present invention addresses the foregoing problems by providing a number of different inventive features which can be implemented individually or in any of a wide ...
|
|
|
Opening price process for trading system
What is claimed is: 1. A method of determining an opening price for a product traded in a trading system, the method executed over a distributed network computer system, ...
|
|
|
Method and apparatus for computer program usage monitoring
It is an object of the present invention to provide a software product to detect, monitor, report on, and control the software products installed on a computer system ...
|
|
|
Method and system for distributing software in a telecommunications network
The deficiencies of the prior art are overcome by the method and system of the present invention. For example, as heretofore unrecognized, it would be beneficial if ...
|
|
|
Method and system for downloading updates for software installation
In view of the foregoing, the present invention provides a method and system of downloading update data for installing a software product on a client computer that ...
|
|
|
Information retrieval apparatus and a method
It is an object of the present invention to provide an information retrieval apparatus and a method to present at least one retrieval result of high quality to the user ...
|
|
|
File Sharing 
