Abstract: A method, apparatus, and program product are provided for protecting a network from intrusions. An offending packet communicated by an offending host coupled to a protected network is detected. In response to the detection, a blocking instruction is returned to the offending host to initiate an intrusion protection operation on the offending host, where the blocking instruction inhibits further transmission of offending packets by the offending host. At the offending host, a blocking instruction is received with a portion of an offending packet. The offending host verifies that the offending packet originated from the host. In response to the verification of the offending packet originating from the host, an intrusion protection operation is initiated on the host thereby inhibiting transmission of a subsequent outbound offending packet by the host.

Abstract: A method, apparatus, and program product are provided for protecting a network from intrusions. An offending packet communicated by an offending host coupled to a protected network is detected. In response to the detection, a blocking instruction is returned to the offending host to initiate an intrusion protection operation on the offending host, where the blocking instruction inhibits further transmission of offending packets by the offending host. At the offending host, a blocking instruction is received with a portion of an offending packet. The offending host verifies that the offending packet originated from the host. In response to the verification of the offending packet originating from the host, an intrusion protection operation is initiated on the host thereby inhibiting transmission of a subsequent outbound offending packet by the host.

Abstract: A method, apparatus, and program product are provided for protecting a network from intrusions. An offending packet communicated by an offending host coupled to a protected network is detected. In response to the detection, a blocking instruction is returned to the offending host to initiate an intrusion protection operation on the offending host, where the blocking instruction inhibits further transmission of offending packets by the offending host. At the offending host, a blocking instruction is received with a portion of an offending packet. The offending host verifies that the offending packet originated from the host. In response to the verification of the offending packet originating from the host, an intrusion protection operation is initiated on the host thereby inhibiting transmission of a subsequent outbound offending packet by the host.

Abstract: A method, apparatus, and program product are provided for protecting a network from intrusions. An offending packet communicated by an offending host coupled to a protected network is detected. In response to the detection, a blocking instruction is returned to the offending host to initiate an intrusion protection operation on the offending host, where the blocking instruction inhibits further transmission of offending packets by the offending host. At the offending host, a blocking instruction is received with a portion of an offending packet. The offending host verifies that the offending packet originated from the host. In response to the verification of the offending packet originating from the host, an intrusion protection operation is initiated on the host thereby inhibiting transmission of a subsequent outbound offending packet by the host.

Abstract: A method, apparatus, and program product are provided for protecting a network from intrusions. An offending packet communicated by an offending host coupled to a protected network is detected. In response to the detection, a blocking instruction is returned to the offending host to initiate an intrusion protection operation on the offending host, where the blocking instruction inhibits further transmission of offending packets by the offending host. At the offending host, a blocking instruction is received with a portion of an offending packet. The offending host verifies that the offending packet originated from the host. In response to the verification of the offending packet originating from the host, an intrusion protection operation is initiated on the host thereby inhibiting transmission of a subsequent outbound offending packet by the host.

Abstract: A method, apparatus and computer readable medium is provided for tracking processes using a socket object. The processes are utilized to execute an application program. Initially, a process list for the socket object is created, such that the process list contains a process identifier for a first process using the socket object. If a second process is using the socket object, the process list is updated to include the process identifier for the second process.

Abstract: A method, apparatus, and program product are provided for protecting a network from intrusions. An offending packet communicated by an offending host coupled to a protected network is detected. In response to the detection, a blocking instruction is returned to the offending host to initiate an intrusion protection operation on the offending host, where the blocking instruction inhibits further transmission of offending packets by the offending host. At the offending host, a blocking instruction is received with a portion of an offending packet. The offending host verifies that the offending packet originated from the host. In response to the verification of the offending packet originating from the host, an intrusion protection operation is initiated on the host thereby inhibiting transmission of a subsequent outbound offending packet by the host.

Abstract: A method, apparatus, and program product are provided for protecting a network from intrusions. An offending packet communicated by an offending host coupled to a protected network is detected. In response to the detection, a blocking instruction is returned to the offending host to initiate an intrusion protection operation on the offending host, where the blocking instruction inhibits further transmission of offending packets by the offending host. At the offending host, a blocking instruction is received with a portion of an offending packet. The offending host verifies that the offending packet originated from the host. In response to the verification of the offending packet originating from the host, an intrusion protection operation is initiated on the host thereby inhibiting transmission of a subsequent outbound offending packet by the host.

Abstract: A method, apparatus, system, and non-transitory computer-readable storage medium that in an embodiment dynamically allocate client requests to target servers based on prepare messages sent by the target servers. The addresses of target servers are added to a queue in response to the prepare messages from the target servers. A network interface is then prepared to receive an incoming call request from a client. After the call request arrives from a client, one of the addresses is selected from the queue. The call request is then sent through a tunnel to the target server associated with the selected address.

Abstract: An apparatus and method for sharing a resource (such as a modem or virtual private network) allow virtualizing the shared resource in a simple and efficient manner that allows both accepting and initiating virtual or physical connections through the shared resource across logical partitions or systems. An L2TP tunnel is established between the server that owns the shared resource and the client that desires to use the shared resource. Messages are defined that allow the client to initiate an outgoing connection through the shared resource, and that allow the client to accept an incoming connection received from the shared resource. Once the connection is made, the client and ultimate destination communicate through the shared resource via point-to-point communications.

Abstract: A host node connected to the Internet automatically generates an Internet interface addresses for itself, and automatically generates a request to an Internet domain name server to update the domain name server's database with the self-generated address. Preferably, the node employs a draft standard stateless address autoconfiguration protocol to create a link-local address, find a router, obtain a prefix from the router, and generate a global address from the prefix and the link-local address. Preferably, the node automatically determines the identity of its master domain name server, and transmits a request to update the master's database using a BIND 8 (or subsequent) protocol. Such a request may be encrypted for security and may include a self-generated identity key for further security.

Abstract: An apparatus and method for sharing a resource (such as a modem or virtual private network) allow virtualizing the shared resource in a simple and efficient manner that allows both accepting and initiating virtual or physical connections through the shared resource across logical partitions or systems. An L2TP tunnel is established between the server that owns the shared resource and the client that desires to use the shared resource. Messages are defined that allow the client to initiate an outgoing connection through the shared resource, and that allow the client to accept an incoming connection received from the shared resource. Once the connection is made, the client and ultimate destination communicate through the shared resource via point-to-point communications.

Abstract: A storage medium and computer system that in an embodiment dynamically allocate client requests to target servers based on prepare messages sent by the target servers. The addresses of target servers are added to a queue in response to the prepare messages from the target servers. A network interface is then prepared to receive an incoming call request from a client. After the call request arrives from a client, one of the addresses is selected from the queue. The call request is then sent through a tunnel to the target server associated with the selected address.

Abstract: A method, apparatus, and program product are provided for protecting a network from intrusions. An offending packet communicated by an offending host coupled to a protected network is detected. In response to the detection, a blocking instruction is returned to the offending host to initiate an intrusion protection operation on the offending host, where the blocking instruction inhibits further transmission of offending packets by the offending host. At the offending host, a blocking instruction is received with a portion of an offending packet. The offending host verifies that the offending packet originated from the host. In response to the verification of the offending packet originating from the host, an intrusion protection operation is initiated on the host thereby inhibiting transmission of a subsequent outbound offending packet by the host.

Abstract: A method, apparatus, system, and signal-bearing medium that in an embodiment dynamically allocate client requests to target servers based on prepare messages sent by the target servers. The addresses of target servers are added to a queue in response to the prepare messages from the target servers. A network interface is then prepared to receive an incoming call request from a client. After the call request arrives from a client, one of the addresses is selected from the queue. The call request is then sent through a tunnel to the target server associated with the selected address.

Abstract: An apparatus and method for sharing a resource (such as a modem or virtual private network) allow virtualizing the shared resource in a simple and efficient manner that allows both accepting and initiating virtual or physical connections through the shared resource across logical partitions or systems. An L2TP tunnel is established between the server that owns the shared resource and the client that desires to use the shared resource. Messages are defined that allow the client to initiate an outgoing connection through the shared resource, and that allow the client to accept an incoming connection received from the shared resource. Once the connection is made, the client and ultimate destination communicate through the shared resource via point-to-point communications.

Abstract: A method, apparatus and computer readable medium is provided for tracking processes using a socket object. The processes are utilized to execute an application program. Initially, a process list for the socket object is created, such that the process list contains a process identifier for a first process using the socket object. If a second process is using the socket object, the process list is updated to include the process identifier for the second process.

Abstract: An apparatus and method for sharing a resource (such as a modem or virtual private network) allow virtualizing the shared resource in a simple and efficient manner that allows both accepting and initiating virtual or physical connections through the shared resource across logical partitions or systems. An L2TP tunnel is established between the server that owns the shared resource and the client that desires to use the shared resource. Messages are defined that allow the client to initiate an outgoing connection through the shared resource, and that allow the client to accept an incoming connection received from the shared resource. Once the connection is made, the client and ultimate destination communicate through the shared resource via point-to-point communications.

Abstract: An apparatus and method for sharing a resource (such as a modem or virtual private network) allow virtualizing the shared resource in a simple and efficient manner that allows both accepting and initiating virtual or physical connections through the shared resource across logical partitions or systems. An L2TP tunnel is established between the server that owns the shared resource and the client that desires to use the shared resource. Messages are defined that allow the client to initiate an outgoing connection through the shared resource, and that allow the client to accept an incoming connection received from the shared resource. Once the connection is made, the client and ultimate destination communicate through the shared resource via point-to-point communications.

Abstract: An apparatus and method for sharing a resource (such as a modem or virtual private network) allow virtualizing the shared resource in a simple and efficient manner that allows both accepting and initiating virtual or physical connections through the shared resource across logical partitions or systems. An L2TP tunnel is established between the server that owns the shared resource and the client that desires to use the shared resource. Messages are defined that allow the client to initiate an outgoing connection through the shared resource, and that allow the client to accept an incoming connection received from the shared resource. Once the connection is made, the client and ultimate destination communicate through the shared resource via point-to-point communications.