Abstract: The present invention provides a firewall that achieves maximum network security and maximum user convenience. The firewall employs “envoys” that exhibit the security robustness of prior-art proxies and the transparency and ease-of-use of prior-art packet filters, combining the best of both worlds. No traffic can pass through the firewall unless the firewall has established an envoy for that traffic. Both connection-oriented (e.g., TCP) and connectionless (e.g., UDP-based) services may be handled using envoys. Establishment of an envoy may be subjected to a myriad of tests to “qualify” the user, the requested communication, or both. Therefore, a high level of security may be achieved. The usual added burden of prior-art proxy systems is avoided in such a way as to achieve fall transparency-the user can use standard applications and need not even know of the existence of the firewall. To achieve full transparency, the firewall is configured as two or more sets of virtual hosts.

Abstract: A web server for providing a dynamically-updating pay-for-service web site is disclosed. The web server includes an HTML front-end entry process configured to create and store personal homepage content in a database for a owner, receive a fee for making the personal homepage accessible on a network. The HTML front-end update process is also configured to allow the owner to update their personal homepage over a network.

Abstract: A computer network and a database are used to provide a hardware-independent, dynamic information system in which the information content is entirely user-controlled. Requests are received from individual users of the computer network to electronically publish information, and input is accepted from the individual users. Entries from the users containing the information to be electronically published are automatically collected, classified and stored in the database in searchable and retrievable form. Entries are made freely accessible on the computer network. In response to user requests, the database is searched and entries are retrieved. Entries are served to users in a hardware-independent page description language. The entries are password protected, allowing users to retrieve and update entries by supplying a correct password. Preferably, the process is entirely automated with any necessary billing being performed by secure, on-line credit card processing.

Abstract: The present invention, generally speaking, provides a firewall that achieves maximum network security and maximum user convenience. The firewall employs “envoys” that exhibit the security robustness of prior-art proxies and the transparency and ease-of-use of prior-art packet filters, combining the best of both worlds. No traffic can pass through the firewall unless the firewall has established an envoy for that traffic. Both connection-oriented (e.g., TCP) and connectionless (e.g., UDP-based) services may be handled using envoys. Establishment of an envoy may be subjected to a myriad of tests to “qualify” the user, the requested communication, or both. Therefore, a high level of security may be achieved. The usual added burden of prior-art proxy systems is avoided in such a way as to achieve full transparency—the user can use standard applications and need not even know of the existence of the firewall.

Abstract: The present invention, generally speaking, provides a firewall that achieves maximum network security and maximum user convenience. The firewall employs “envoys” that exhibit the security robustness of prior-art proxies and the transparency and ease-of-use of prior-art packet filters, combining the best of both worlds. No traffic can pass through the firewall unless the firewall has established an envoy for that traffic. Both connection-oriented (e.g., TCP) and connectionless (e.g., UDP-based) services may be handled using envoys. Establishment of an envoy may be subjected to a myriad of tests to “qualify” the user, the requested communication, or both. Therefore, a high level of security may be achieved. The usual added burden of prior-art proxy systems is avoided in such a way as to achieve fall transparency-the user can use standard applications and need not even know of the existence of the firewall.

Abstract: A Web server is provided having a multi-homed, modular framework. The modular framework allows extensions to the Web server to be easily compiled into the Web server, allowing the extensions to run natively as part of the server instead of incurring the overhead typical of CGI scripts, for example. The multi-homing capabilities of the Web server provide the appearance to Web users of multiple distinct and independent servers, allowing a small company or individual to create the same kind of Web presence enjoyed by larger companies. In effect, multiple virtual servers run on the same physical machine. The Web server as a whole is easily extensible to allow additional capabilities to be provided natively within the Web server itself. Furthermore, each virtual server is independently configurable in order to turn different capabilities on or off or to modify operation of the virtual server.

Abstract: A computer network and a database are used to provide a hardware-independent, dynamic information system in which the information content is entirely user-controlled. Requests are received from individual users of the computer network to electronically publish information, and input is accepted from the individual users. Entries from the users containing the information to be electronically published are automatically collected, classified and stored in the database in searchable and retrievable form. Entries are made freely accessible on the computer network. In response to user requests, the database is searched and entries are retrieved. Entries are served to users in a hardware-independent page description language. The entries are password protected, allowing users to retrieve and update entries by supplying a correct password. Preferably, the process is entirely automated with any necessary billing being performed by secure, on-line credit card processing.

Abstract: A Web server is provided having a multi-homed, modular framework. The modular framework allows extensions to the Web server to be easily compiled into the Web server, allowing the extensions to run natively as part of the server instead of incurring the overhead typical of CGI scripts, for example. The multi-homing capabilities of the Web server provide the appearance to Web users of multiple distinct and independent servers, allowing a small company or individual to create the same kind of Web presence enjoyed by larger companies. In effect, multiple virtual servers run on the same physical machine. The Web server as a whole is easily extensible to allow additional capabilities to be provided natively within the Web server itself. Furthermore, each virtual server is independently configurable in order to turn different capabilities on or off or to modify operation of the virtual server.

Abstract: A firewall for isolating network elements from a publicly accessible network to which such network elements are attached. The firewall operates on a stand alone computer connected between the public network and the network elements to be protected such that all access to the protected network elements must go through the firewall. The firewall application running on the stand alone computer is preferably the only application running on that machine. The application includes a variety of proxy agents that are specifically assigned to an incoming request in accordance with the service protocol (i.e., port number) indicated in the incoming access request. An assigned proxy agent verifies the authority of an incoming request to access a network element indicated in the request. Once verified, the proxy agent completes the connection to the protected network element on behalf of the source of the incoming request.

Abstract: The present invention, generally speaking, provides a firewall that achieves maximum network security and maximum user convenience. The firewall employs "envoys" that exhibit the security robustness of prior-art proxies and the transparency and ease-of-use of prior-art packet filters, combining the best of both worlds. No traffic can pass through the firewall unless the firewall has established an envoy for that traffic. Both connection-oriented (e.g., TCP) and connectionless (e.g., UDP-based) services may be handled using envoys. Establishment of an envoy may be subjected to a myriad of tests to "qualify" the user, the requested communication, or both. Therefore, a high level of security may be achieved. The usual added burden of prior-art proxy systems is avoided in such a way as to achieve full transparency--the user can use standard applications and need not even know of the existence of the firewall. To achieve full transparency, the firewall is configured as two or more sets of virtual hosts.

Abstract: The present invention, generally speaking, provides a firewall that achieves maximum network security and maximum user convenience. The firewall employs "envoys" that exhibit the security robustness of prior-art proxies and the transparency and ease-of-use of prior-art packet filters, combining the best of both worlds. No traffic can pass through the firewall unless the firewall has established an envoy for that traffic. Both connection-oriented (e.g., TCP) and connectionless (e.g., UDP-based) services may be handled using envoys. Establishment of an envoy may be subjected to a myriad of tests to "qualify" the user, the requested communication, or both. Therefore, a high level of security may be achieved. The usual added burden of prior-art proxy systems is avoided in such a way as to achieve fall transparency-the user can use standard applications and need not even know of the existence of the firewall. To achieve full transparency, the firewall is configured as two or more sets of virtual hosts.

Abstract: A Web server is provided having a multi-homed, modular framework. The modular framework allows extensions to the Web server to be easily compiled into the Web server, allowing the extensions to run natively as part of the server instead of incurring the overhead typical of CGI scripts, for example. The multi-homing capabilities of the Web server provide the appearance to Web users of multiple distinct and independent servers, allowing a small company or individual to create the same kind of Web presence enjoyed by larger companies. In effect, multiple virtual servers run on the same physical machine. The Web server as a whole is easily extensible to allow additional capabilities to be provided natively within the Web server itself. Furthermore, each virtual server is independently configurable in order to turn different capabilities on or off or to modify operation of the virtual server.

Abstract: Providing a firewall for isolating network elements from a publicly accessible network to which such network elements are attached. The firewall operates on a stand alone computer connected between the public network and the network elements to be protected such that all access to the protected network elements must go through the firewall. The firewall application running on the stand alone computer is preferably the only application running on that machine. The application includes a variety of proxy agents that are specifically assigned to an incoming request in accordance with the service protocol (i.e., port number) indicated in the incoming access request. An assigned proxy agent verifies the authority of an incoming request to access a network element indicated in the request. Once verified, the proxy agent completes the connection to the protected network element on behalf of the source of the incoming request.

Abstract: Methods and apparatuses are disclosed for providing a system for automatically tracking use of a software and also for determining whether the software is validly licensed and enabling or disabling the software accordingly. Exemplary systems involve attaching a licensing system module to a software application. Records of valid licenses are stored in the database maintained by the software provider. The licensing system module transparently forms a license record inquiry message. The message is transparently sent to the database over a public network, such as the Internet, to determine whether a valid license record exists in the database for the software application. The database forms and returns an appropriate response message that is interpreted by the licensing system module. The software application can then be appropriately enabled or disabled by the licensing system module. The receipt of the license record inquiry can be recorded in the database to monitor software use.

Abstract: A computer network and a database are used to provide a hardware-independent, dynamic information system in which the information content is entirely user-controlled. Requests are received from individual users of the computer network to electronically publish information, and input is accepted from the individual users. Entries from the users containing the information to be electronically published are automatically collected, classified and stored in the database in searchable and retrievable form. Entries are made freely accessible on the computer network. In response to user requests, the database is searched and entries are retrieved. Entries are served to users in a hardware-independent page description language. The entries are password protected, allowing users to retrieve and update entries by supplying a correct password. Preferably, the process is entirely automated with any necessary billing being performed by secure, on-line credit card processing.