System and method for source IP anti-spoofing security

Assignee

• FOUNDRY NETWORKS, LLC · US

Inventors

• Ronald Wai Lun Szeto · San Francisco, US
• Nitin Jain · San Diego, US
• Ravindran Suresh · San Jose, US
• Philip Kwan · San Jose, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2463/146
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A system and method that provides for using source IP addresses and MAC addresses in a network to provide security against attempts by users of the network to use false source IP addresses in data packets. The system and method provide for analyzing MAC addresses and source IP addresses at the datalink (layer 2) level, and to use the information derived from such analysis to block access through a port where a host device is using a false, or spoofed, source IP address in transmitted data packets. Further, the system and method provide for validating initially learned source IP addresses, and for determining whether the number of unsuccessful attempts to validate new source IP addresses exceeds a threshold level, and where the number does exceed the threshold number the system and method can provide for operation in a possible attack mode.