 Method and system for message transfer session management |
| In accordance with the invention, there is provided a method and system for managing transfer of ... |
|
| Method, system, and program for returning a file requested through a network connection |
| OF THE PREFERRED EMBODIMENTS In the following description, reference is made to the accompanying ... |
|
| Control system with customizable menu structure for personal mobility vehicle |
| Referring now to the drawings, there is illustrated in FIG. 1 a diagrammatic representation of an ... |
|
| Intelligent network security device and method |
| I claim: 1. In a computer system connected to an external communications medium, a security device ... |
|
| Method for automatic intrusion detection and deflection in a network |
| OF THE INVENTION The present invention is of a method and a system for providing security to a ... |
|
| Enhanced browser application for service related to the transportation of a message |
| It is an object of the present invention to provide a universal browser, compatible with common ... |
|
| Representing and verifying network management policies using collective constraints |
| The foregoing needs and objects, and other needs and objects that will become apparent from the ... |
|
|
Method for intercepting network packets in a computing device
| Details |
Inventors: Haatainen, Niko; Kivinen, Tero; Kukkonen, Jussi; Ylonen, Tatu;
Assignee: SSH Communications Security Ltd. ()
Primary Examiner: Powell; Mark R.
Assistant Examiner: Vu; Thong
Attorney, Agent or Firm: Fish; Ronald Craig Ronald Craig Fish, A Law Corporation
A method is provided for intercepting network packets in a computer system, where a number of functions are used to communicate network packets between a network adapter and a protocols entity. A first network adapter and a first protocols entity installed in the computer system are identified. A set of replacement functions is provided within a packet interceptor module. At least one function used for transmitting network packets from said first protocols entity to said first network adapter is hooked into a first replacement function. At least one function used for transmitting network packets from said first network adapter to said first protocols entity is hooked into a second replacement function. At least one function used for receiving information about the status of the network interface implemented by said first network adapter is hooked into a third replacement function. |
|
DETAILED DESCRIPTION OF THE INVENTION The concept of hooking is generally known in the art of computer programming.
It means that a call to a default system service (like a function, interrupt or memory location) is redirected or "hooked" into a replacement service instead.
For example, the MSDOS (MicroSoft Disk Operating System) operating system provided a system call to redirect interrupts, as described for example in the reference marked as MSDOS5 in the enclosed list of references.
Many object-oriented languages provide a way of redefining functions in derived classes (e.
g.
, C++ virtual functions, reference marked as ES90).
Lisp-like programming languages have supported hooks for certain operations for a long time, as described for example in the reference marked as Steele90.
Many operating systems provide hooks or certain other types of redirecting for limited functionality.
For example the known firewall hooks in Linux and FreeBSD are typically exploited so that a module of code is loaded into the kernel.
The module registers itself to the networking code, and the networking code will call the module whenever a packet is sent or received.
The code within the module will then indicate whether the packet should be allowed through or not.
Typically, however, such hooking implementations do not allow modifying, inserting, and delaying packets.
The firewall hooking approach is only available for a very limited range of operating systems, such as Linux and FreeBSD.
Furthermore, on many operating systems the functionality may not be enabled by default.
Thus, using the firewall hooking features may require the user to recompile and install a new operating system kernel, which exceeds the skills of most system administrators.
Therefore the known firewall hooking solutions are not generally usable and do not solve the problem of providing packet intercepting for the most popular operating systems or for large numbers of unskilled users.
Specialized applications such as anti-virus software have trapped system services to monitor e
|
|
Processing Data 
