Patents by Inventor Terry Paul Rodery, Jr.
Terry Paul Rodery, Jr. has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240121265Abstract: An authoritative domain name system (DNS) server receives DNS requests for domains. The authoritative DNS server transmits DNS responses to the DNS requests with address records that include IP addresses that are selected from a larger pool of IP addresses, where a first DNS response can include IP addresses different from IP addresses included in a second DNS response for the same domain. Also, the same IP addresses may be returned for a first domain and a different, second domain. The authoritative DNS server may select the IP addresses to include in DNS responses to the DNS requests using a round-robin process.Type: ApplicationFiled: November 13, 2023Publication date: April 11, 2024Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, JR.
-
Patent number: 11818167Abstract: An authoritative DNS server receives DNS requests for domains. The authoritative DNS server responds to the requests with address records that include IP addresses that are selected from a larger pool of IP addresses, where a first response to a DNS query for a domain can include IP addresses different from IP addresses included in a second response for the same domain. Also, the same IP addresses may be returned for a first domain and a different, second domain. The authoritative DNS server may randomly select the IP addresses to include in responses to the requests regardless of the domain.Type: GrantFiled: October 25, 2021Date of Patent: November 14, 2023Assignee: CLOUDFLARE, INC.Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, Jr.
-
Publication number: 20220217176Abstract: An authoritative DNS server receives DNS requests for domains. The authoritative DNS server responds to the requests with address records that include IP addresses that are selected from a larger pool of IP addresses, where a first response to a DNS query for a domain can include IP addresses different from IP addresses included in a second response for the same domain. Also, the same IP addresses may be returned for a first domain and a different, second domain. The authoritative DNS server may randomly select the IP addresses to include in responses to the requests regardless of the domain.Type: ApplicationFiled: October 25, 2021Publication date: July 7, 2022Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, JR.
-
Patent number: 11159563Abstract: A cloud-based proxy service identifies a denial-of-service (DoS) attack including determining that there is a potential DoS attack being directed to an IP address of the cloud-based proxy service; and responsive to determining that there are a plurality of domains that resolve to that IP address, identifying the one of the plurality of domains that is the target of the DoS attack. The domain that is under attack is identified by scattering the plurality of domains to resolve to different IP addresses, where a result of the scattering is that each of those domains resolves to a different IP address, and identifying one of those plurality of domains as the target of the DoS attack by determining that there is an abnormally high amount of traffic being directed to the IP address in which that domain resolves.Type: GrantFiled: February 25, 2020Date of Patent: October 26, 2021Assignee: CLOUDFLARE, INC.Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, Jr.
-
Publication number: 20200322374Abstract: A cloud-based proxy service identifies a denial-of-service (DoS) attack including determining that there is a potential DoS attack being directed to an IP address of the cloud-based proxy service; and responsive to determining that there are a plurality of domains that resolve to that IP address, identifying the one of the plurality of domains that is the target of the DoS attack. The domain that is under attack is identified by scattering the plurality of domains to resolve to different IP addresses, where a result of the scattering is that each of those domains resolves to a different IP address, and identifying one of those plurality of domains as the target of the DoS attack by determining that there is an abnormally high amount of traffic being directed to the IP address in which that domain resolves.Type: ApplicationFiled: February 25, 2020Publication date: October 8, 2020Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, JR.
-
Patent number: 10581904Abstract: Message(s) are received from each one of multiple proxy servers, which are anycasted to the same IP address, that indicate source IP addresses of packets that are received that are directed to that same IP address. These proxy servers receive the packets as result of domain(s) resolving to that same IP address, and a particular one of the proxy servers receives the packets as a result of an anycast protocol implementation selecting that proxy server. Based on these message(s) from each of the proxy servers, a determination of the likelihood of a packet having a particular source IP address being legitimately received at each of the proxy servers is determined. A message is transmitted to each of the proxy servers that indicates which source IP addresses of packets are not likely to be legitimately received at that proxy server.Type: GrantFiled: May 2, 2017Date of Patent: March 3, 2020Assignee: CLOUDFARE, INC.Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, Jr.
-
Patent number: 10574690Abstract: A cloud-based proxy service identifies a denial-of-service (DoS) attack including determining that there is a potential DoS attack being directed to an IP address of the cloud-based proxy service; and responsive to determining that there are a plurality of domains that resolve to that IP address, identifying the one of the plurality of domains that is the target of the DoS attack. The domain that is under attack is identified by scattering the plurality of domains to resolve to different IP addresses, where a result of the scattering is that each of those domains resolves to a different IP address, and identifying one of those plurality of domains as the target of the DoS attack by determining that there is an abnormally high amount of traffic being directed to the IP address in which that domain resolves.Type: GrantFiled: April 17, 2017Date of Patent: February 25, 2020Assignee: CLOUDFLARE, INC.Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, Jr.
-
Patent number: 10511624Abstract: A proxy server in a cloud-based proxy service receives a message that indicates that a domain, whose traffic passes through the proxy server, may be under a denial-of-service (DoS) attack. The proxy server enables a rule for the domain that specifies that future requests for resources at that domain are subject to at least initially passing a set of one or more challenges. In response to receiving a request for a resource of that domain from a visitor, the proxy server presents the set of challenges that, if not passed, are an indication that that the visitor is part of the DoS attack. If the set of challenges are passed, the request may be processed. If the set of challenges are not passed, the request may be dropped.Type: GrantFiled: November 12, 2018Date of Patent: December 17, 2019Assignee: CLOUDFLARE, INC.Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, Jr.
-
Publication number: 20190158533Abstract: A proxy server in a cloud-based proxy service receives a message that indicates that a domain, whose traffic passes through the proxy server, may be under a denial-of-service (DoS) attack. The proxy server enables a rule for the domain that specifies that future requests for resources at that domain are subject to at least initially passing a set of one or more challenges. In response to receiving a request for a resource of that domain from a visitor, the proxy server presents the set of challenges that, if not passed, are an indication that that the visitor is part of the DoS attack. If the set of challenges are passed, the request may be processed. If the set of challenges are not passed, the request may be dropped.Type: ApplicationFiled: November 12, 2018Publication date: May 23, 2019Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, JR.
-
Patent number: 10129296Abstract: A proxy server in a cloud-based proxy service receives a message that indicates that a domain, whose traffic passes through the proxy server, may be under a denial-of-service (DoS) attack. The proxy server enables a rule for the domain that specifies that future requests for resources at that domain are subject to at least initially passing a set of one or more challenges. In response to receiving a request for a resource of that domain from a visitor, the proxy server presents the set of challenges that, if not passed, are an indication that that the visitor is part of the DoS attack. If the set of challenges are passed, the request may be processed. If the set of challenges are not passed, the request may be dropped.Type: GrantFiled: May 23, 2017Date of Patent: November 13, 2018Assignee: CLOUDFLARE, INC.Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, Jr.
-
Publication number: 20180007085Abstract: A proxy server in a cloud-based proxy service receives a message that indicates that a domain, whose traffic passes through the proxy server, may be under a denial-of-service (DoS) attack. The proxy server enables a rule for the domain that specifies that future requests for resources at that domain are subject to at least initially passing a set of one or more challenges. In response to receiving a request for a resource of that domain from a visitor, the proxy server presents the set of challenges that, if not passed, are an indication that that the visitor is part of the DoS attack. If the set of challenges are passed, the request may be processed. If the set of challenges are not passed, the request may be dropped.Type: ApplicationFiled: May 23, 2017Publication date: January 4, 2018Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, JR.
-
Publication number: 20170237757Abstract: Message(s) are received from each one of multiple proxy servers, which are anycasted to the same IP address, that indicate source IP addresses of packets that are received that are directed to that same IP address. These proxy servers receive the packets as result of domain(s) resolving to that same IP address, and a particular one of the proxy servers receives the packets as a result of an anycast protocol implementation selecting that proxy server. Based on these message(s) from each of the proxy servers, a determination of the likelihood of a packet having a particular source IP address being legitimately received at each of the proxy servers is determined. A message is transmitted to each of the proxy servers that indicates which source IP addresses of packets are not likely to be legitimately received at that proxy server.Type: ApplicationFiled: May 2, 2017Publication date: August 17, 2017Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, JR.
-
Publication number: 20170223050Abstract: A cloud-based proxy service identifies a denial-of-service (DoS) attack including determining that there is a potential DoS attack being directed to an IP address of the cloud-based proxy service; and responsive to determining that there are a plurality of domains that resolve to that IP address, identifying the one of the plurality of domains that is the target of the DoS attack. The domain that is under attack is identified by scattering the plurality of domains to resolve to different IP addresses, where a result of the scattering is that each of those domains resolves to a different IP address, and identifying one of those plurality of domains as the target of the DoS attack by determining that there is an abnormally high amount of traffic being directed to the IP address in which that domain resolves.Type: ApplicationFiled: April 17, 2017Publication date: August 3, 2017Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, JR.
-
Patent number: 9661020Abstract: A proxy server in a cloud-based proxy service receives a message that indicates that a domain, whose traffic passes through the proxy server, may be under a denial-of-service (DoS) attack. The proxy server enables a rule for the domain that specifies that future requests for resources at that domain are subject to at least initially passing a set of one or more challenges. In response to receiving a request for a resource of that domain from a visitor, the proxy server presents the set of challenges that, if not passed, are an indication that that the visitor is part of the DoS attack. If the set of challenges are passed, the request may be processed. If the set of challenges are not passed, the request may be dropped.Type: GrantFiled: October 7, 2014Date of Patent: May 23, 2017Assignee: CLOUDFLARE, INC.Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, Jr.
-
Patent number: 9641549Abstract: Message(s) are received from each one of multiple proxy servers, which are anycasted to the same IP address, that indicate source IP addresses of packets that are received that are directed to that same IP address. These proxy servers receive the packets as result of domain(s) resolving to that same IP address, and a particular one of the proxy servers receives the packets as a result of an anycast protocol implementation selecting that proxy server. Based on these message(s) from each of the proxy servers, a determination of the likelihood of a packet having a particular source IP address being legitimately received at each of the proxy servers is determined. A message is transmitted to each of the proxy servers that indicates which source IP addresses of packets are not likely to be legitimately received at that proxy server.Type: GrantFiled: February 4, 2014Date of Patent: May 2, 2017Assignee: CLOUDFLARE, INC.Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, Jr.
-
Patent number: 9628509Abstract: A cloud-based proxy service identifies a denial-of-service (DoS) attack including determining that there is a potential DoS attack being directed to an IP address of the cloud-based proxy service; and responsive to determining that there are a plurality of domains that resolve to that IP address, identifying the one of the plurality of domains that is the target of the DoS attack. The domain that is under attack is identified by scattering the plurality of domains to resolve to different IP addresses, where a result of the scattering is that each of those domains resolves to a different IP address, and identifying one of those plurality of domains as the target of the DoS attack by determining that there is an abnormally high amount of traffic being directed to the IP address in which that domain resolves.Type: GrantFiled: December 17, 2013Date of Patent: April 18, 2017Assignee: CLOUDFLARE, INC.Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, Jr.
-
Publication number: 20150026766Abstract: A proxy server in a cloud-based proxy service receives a message that indicates that a domain, whose traffic passes through the proxy server, may be under a denial-of-service (DoS) attack. The proxy server enables a rule for the domain that specifies that future requests for resources at that domain are subject to at least initially passing a set of one or more challenges. In response to receiving a request for a resource of that domain from a visitor, the proxy server presents the set of challenges that, if not passed, are an indication that that the visitor is part of the DoS attack. If the set of challenges are passed, the request may be processed. If the set of challenges are not passed, the request may be dropped.Type: ApplicationFiled: October 7, 2014Publication date: January 22, 2015Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, JR.
-
Patent number: 8856924Abstract: A proxy server in a cloud-based proxy service receives a message that indicates that a domain, whose traffic passes through the proxy server, may be under a denial-of-service (DoS) attack. The proxy server enables a rule for the domain that specifies that future requests for resources at that domain are subject to at least initially passing a set of one or more challenges. In response to receiving a request for a resource of that domain from a visitor, the proxy server presents the set of challenges that, if not passed, are an indication that that the visitor is part of the DoS attack. If the set of challenges are passed, the request may be processed. If the set of challenges are not passed, the request may be dropped.Type: GrantFiled: October 31, 2012Date of Patent: October 7, 2014Assignee: CloudFlare, Inc.Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, Jr.
-
Publication number: 20140157416Abstract: Message(s) are received from each one of multiple proxy servers, which are anycasted to the same IP address, that indicate source IP addresses of packets that are received that are directed to that same IP address. These proxy servers receive the packets as result of domain(s) resolving to that same IP address, and a particular one of the proxy servers receives the packets as a result of an anycast protocol implementation selecting that proxy server. Based on these message(s) from each of the proxy servers, a determination of the likelihood of a packet having a particular source IP address being legitimately received at each of the proxy servers is determined. A message is transmitted to each of the proxy servers that indicates which source IP addresses of packets are not likely to be legitimately received at that proxy server.Type: ApplicationFiled: February 4, 2014Publication date: June 5, 2014Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, JR.
-
Publication number: 20140109225Abstract: A cloud-based proxy service identifies a denial-of-service (DoS) attack including determining that there is a potential DoS attack being directed to an IP address of the cloud-based proxy service; and responsive to determining that there are a plurality of domains that resolve to that IP address, identifying the one of the plurality of domains that is the target of the DoS attack. The domain that is under attack is identified by scattering the plurality of domains to resolve to different IP addresses, where a result of the scattering is that each of those domains resolves to a different IP address, and identifying one of those plurality of domains as the target of the DoS attack by determining that there is an abnormally high amount of traffic being directed to the IP address in which that domain resolves.Type: ApplicationFiled: December 17, 2013Publication date: April 17, 2014Inventors: Lee Hahn Holloway, Srikanth N. Rao, Matthew Browning Prince, Matthieu Philippe François Tourne, Ian Gerald Pye, Ray Raymond Bejjani, Terry Paul Rodery, JR.