FIELD: information technology.
SUBSTANCE: a method of protecting a computer network from unauthorized transmission of information and from scanning and blocking of network services. A gateway computer with a firewall is installed at the entry point of the protected network; in the firewall a set A of application-layer protocols allowed for use is defined, and the firewall contains a monitoring means configured to determine the application-layer protocol used in a network connection. The method comprises the steps of: receiving from the sender with address S1, addressed to the recipient with address R1, a network packet P1 whose encapsulated transport-layer protocol number corresponds to the TCP protocol number and which has the SYN flag set; blocking transmission of the network packet P1 to the recipient with address R1; sending from the firewall to the sender with address S1 a network packet P2 generated in accordance with the TCP protocol, with the SYN and ACK flags set and with sender address R1; receiving from the sender with address S1 a network packet P3 whose encapsulated transport-layer protocol number corresponds to the TCP protocol number and which has the ACK flag set, indicating completion of the TCP session establishment procedure; receiving from the sender with address S1 a network packet P4 containing data D; determining, using the monitoring means, whether an application-layer protocol from the set A is used in the data D; if such use is established, sending from the firewall to the recipient with address R1 a network packet P5 generated in accordance with the TCP protocol, with the SYN flag set and with sender address S1; receiving from address R1 a network packet P6 whose encapsulated transport-layer protocol number corresponds to the TCP protocol number and which has the SYN and ACK flags set; sending from the firewall to the recipient with address R1 a network packet P7 generated in accordance with the TCP protocol, with the ACK flag set indicating completion of the TCP session establishment procedure and with sender address S1; sending from the firewall to the recipient with address R1 a network packet P8 generated in accordance with the TCP protocol, with sender address S1 and containing the data D in unchanged form; and transparently relaying packets between the sender with address S1 and the recipient with address R1; otherwise, the connection between the sender with address S1 and the recipient with address R1 is reset.
EFFECT: increased security of the computing network.
5 claims
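The packet sequence of the SUBSTANCE section, simulated as an added example (this is not code from the patent): the firewall completes the client's handshake itself, classifies the first data segment D against the allowed set A, and only then opens the session to R1 using the client's address S1. The packet model, the `backend` callback standing in for host R1, and the recogniser signatures for A are assumptions.

```python
# Added simulation of the patent's firewall procedure (not the patent's own code).
# The "monitoring means" is a hypothetical classifier on the first bytes of D.
from dataclasses import dataclass

@dataclass
class Packet:
    src: str           # sender address
    dst: str           # recipient address
    flags: frozenset   # TCP flags, e.g. {"SYN"}, {"SYN", "ACK"}, {"RST"}
    data: bytes = b""  # payload (data D for P4 and P8)

# Set A of allowed application-layer protocols: name -> recogniser (assumed).
ALLOWED_A = {
    "http": lambda d: d.split(b" ", 1)[0] in (b"GET", b"POST", b"HEAD"),
    "smtp": lambda d: d.upper().startswith((b"EHLO", b"HELO")),
}

def classify(data):
    """Monitoring means: return the protocol name from A used in D, else None."""
    for name, match in ALLOWED_A.items():
        if match(data):
            return name
    return None

def firewall_handle(p1, p3, p4, backend):
    """p1, p3, p4: the client's SYN, ACK and first data packet (P1, P3, P4);
    backend(pkt) stands for host R1 and returns its reply (P6).
    Returns (verdict, packets sent by the firewall)."""
    s1, r1, sent = p1.src, p1.dst, []
    if p1.flags != {"SYN"}:
        return "ignored", sent
    # P1 is blocked; the firewall answers the client on behalf of R1 (P2).
    sent.append(Packet(r1, s1, frozenset({"SYN", "ACK"})))
    if "ACK" not in p3.flags:
        return "incomplete", sent
    proto = classify(p4.data)
    if proto is None:  # not in A: reset, and R1 has never seen a SYN
        sent.append(Packet(r1, s1, frozenset({"RST"})))
        return "reset", sent
    # Allowed: open the real session to R1 with the client's address S1 (P5-P8).
    p5 = Packet(s1, r1, frozenset({"SYN"}))
    sent.append(p5)
    p6 = backend(p5)
    if p6.flags != {"SYN", "ACK"}:
        sent.append(Packet(r1, s1, frozenset({"RST"})))
        return "reset", sent
    sent.append(Packet(s1, r1, frozenset({"ACK"})))           # P7
    sent.append(Packet(s1, r1, frozenset({"ACK"}), p4.data))  # P8: D unchanged
    return "relay:" + proto, sent
```

Because P1 is never forwarded, a source that completes the handshake but sends no request in A (a port scanner or a SYN-only flood) is answered and reset entirely by the firewall, and the protected host sees no connection attempt at all.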
Title | Year | Number
---|---|---
METHOD OF OPERATING A FIREWALL | 2017 | RU2667805C1
METHOD FOR PROCESSING NETWORK PACKETS TO DETECT COMPUTER ATTACKS | 2005 | RU2304302C2
FIREWALL OPERATING METHOD | 2018 | RU2679227C1
METHOD OF PROTECTING COMPUTER NETWORK | 2010 | RU2422892C1
METHOD OF MANAGING CONNECTIONS IN FIREWALL | 2012 | RU2517411C1
METHOD FOR PROCESSING NETWORK TRAFFIC DATAGRAMS FOR DELIMITING ACCESS TO INFORMATIONAL AND COMPUTING RESOURCES OF COMPUTER NETWORKS | 2006 | RU2314562C1
METHOD OF PROTECTING COMPUTER NETWORKS FROM UNAUTHORISED SCANNING AND BLOCKING OF NETWORK SERVICES (VERSIONS) | 2011 | RU2469390C1
METHOD OF PROTECTING COMPUTER NETWORKS | 2018 | RU2696330C1
METHOD OF COMPUTER NETWORKS PROTECTION | 2017 | RU2649789C1
METHOD OF PROCESSING NETWORK TRAFFIC DATAGRAMS FOR PROTECTING INFORMATION COMPUTER SYSTEMS (VERSIONS) | 2012 | RU2472217C1
Dates
Filed: 2017-03-10
Published: 2018-03-28