Abstract: A system and method for provisioning enhanced security/privacy functions into a user client to detect, warn, and avoid man in the middle attacks and to improve privacy and security of data transmitted across the Internet without certificate authorities.

Abstract: A system at a central server and at a plurality of web filters is installed to observe traffic and to protect users from attempting connection to suspicious, malicious, and/or infectious targets. Targets are defined as Uniform Resource Identifiers (URI) and Internet Protocol (IP) addresses. Traffic is collected, analyzed, and reported for further analysis. Behavior is analyzed for each client attempting a connection to an uncategorized target. IP addresses and URIs are evaluated toward placement in either a Trusted target store or an Anomalous target store. The accumulated content of Anomalous target store is provided back to the Network Service Subscriber Clients. Warnings and tools are presented when appropriate.

Abstract: A method for filtering email which contains links to uniform resource identifiers which disguise the content and identity of spam sites by multiple serial redirection.

Abstract: A method for operating an apparatus to recall email which has already passed through a spam filter to user mailboxes. An apparatus stores a highly efficient database for a brief period of time after an email is received, filtered, and transmitted to an email server. Message id, recipient, connecting IP address and other spam attributes are stored in a searchable format. After receiving updated spam attributes, a spam filter apparatus under software control queries the database for messages that were not detected as spam before transmittal to the email clients and servers, and sends spam recall messages. Improved email clients and servers adapted by software instructions, move or modify email user mailboxes upon receipt of the spam recall.

Abstract: A method for creating and operating a database for determining the best match of a plurality of rules comprising wildcards and character strings with an input text string.

Abstract: A method for filtering email which contains links to uniform resource identifiers which disguise the content and identity of spam sites by multiple serial redirection.

Abstract: A network filtering system and method without requiring cryptographic processing of secure message transmissions. The method provides for determining target node ID associations corresponding to domain names of filtered node DNS requests and corresponding network address and address duration data determined according to a corresponding DNS responses. The method also provides for comparing a destination address of a current message transmission corresponding to a filtered node with the determined target node ID associations, and conducting filtering processing of the current message transmission.

Abstract: A system and method for disrupting the download of undesirable files. A data store traps the final block or blocks of a file transfer which is held for detection of viruses, trojan horses, spyware, worms, dishonest ads, scripts, plugins, and other files considered computer contaminants. Innocuous file transfers are completed with minimum disruption as perceived by the user.

Abstract: A system, apparatus, and method for controlling peer to peer traffic at a network gateway or server. Suspected peer to peer traffic is identified heuristically and collected for content analysis. Content digital fingerprint pattern matching software is received from a remote server. Peer to peer traffic is selectively disposed of.

Abstract: A system, apparatus, and method for accelerating display of frequently accessed slowly changing static content by causing a client having cache to actively request new content from a server and influencing caching policy at the client.

Abstract: Secure Remote Support Automation Process wherein a remote support server receives a support task request and schedules a predefined task to a predefined actor who also has a predefined escalation policy and notifies the support actor of the scheduled task along with a key, a key seed, or a credential to use in authentication. The method enabling privileged access to an Internet security appliance using public/private key pairs through a firewall and network address translation by a support server and an assigned support task actor.