E-mail virus protection system and method
DC CAFCFirst Claim
Patent Images
1. A method for protecting a network from a virus contained in an e-mail message as executable code, the method comprising:
- receiving the e-mail message;
converting the executable code from an executable format to a non-executable format by using an application-level process which retains an appearance, human readability, and semantic content of the e-mail message; and
forwarding the non-executable format to a recipient of the e-mail message.
4 Assignments
Litigations
0 Petitions
Reexamination
Accused Products
Abstract
A network is protected from e-mail viruses through the use of a sacrificial server. Any executable programs or other suspicious parts of incoming e-mail messages are forwarded to a sacrificial server, where they are converted to non-executable format such as Adobe Acrobat PDF and sent to the recipient. The sacrificial server is then checked for virus activity. After the execution is completed, the sacrificial server is rebooted.
684 Citations
41 Claims
-
1. A method for protecting a network from a virus contained in an e-mail message as executable code, the method comprising:
-
receiving the e-mail message; converting the executable code from an executable format to a non-executable format by using an application-level process which retains an appearance, human readability, and semantic content of the e-mail message; and forwarding the non-executable format to a recipient of the e-mail message. - View Dependent Claims (2, 3, 4, 5, 6, 9, 10, 11, 12, 13, 14, 15)
-
-
7. A method for protecting a network from a virus contained in an e-mail message as executable code, the method comprising:
-
receiving the e-mail message in a gatekeeper server; converting the executable code from an executable format to a non-executable format; and forwarding the non-executable format to a recipient of the e-mail message, wherein the executable code is contained in an attachment in the email message; wherein the converting comprises; forwarding the attachment from the gatekeeper server to a sacrificial server; converting the attachment to the non-executable format on the sacrificial server; examining the sacrificial server for virus activity; and rebooting the sacrificial sever from a safe copy of an operating system obtained from a read-only device.
-
-
8. A method for protecting a network from a virus contained in an e-mail message as executable code, the method comprising:
-
receiving the e-mail message in a gatekeeper server; converting the executable code from an executable format to a non-executable format; and forwarding the non-executable format to a recipient of the e-mail message, wherein the executable code is contained in an attachment in the email message; wherein the converting comprises; forwarding the attachment from the gatekeeper server to a sacrificial server; converting the attachment to the non-executable format on the sacrificial server; examining the sacrificial server for virus activity; and wherein communications between the gatekeeper server and the sacrificial server are authenticated using a challenge-and-response technique.
-
-
16. A system for protecting a network from a virus contained in an e-mail message as executable code, the system comprising:
-
a workstation computer on the network used by a recipient of the e-mail message; and a computer on the network for converting the executable code from an executable format to a non-executable format by using an application-level process which retains an appearance, human readability and semantic content of the e-mail message and forwarding the non-executable format to the recipient. - View Dependent Claims (17, 18, 19, 20, 21, 24, 25, 26, 27, 28, 29, 30)
-
-
22. A system for protecting a network from a virus contained in an e-mail message as executable code, the system comprising:
-
a workstation computer on the network used by a recipient of the e-mail message; a gatekeeper server, in communication with the workstation computer over the network, for receiving the e-mail message; and a computer on the network for converting the executable code from an executable format to a non-executable format and forwarding the non-executable format to the workstation computer, wherein the computer for converting is a sacrificial server which is separate from the gatekeeper sever, wherein the sacrificial server is examined for virus activity, wherein the network further comprises a read-only device, and wherein the sacrificial server is rebooted from a safe copy of an operating system obtained from the read-only device.
-
-
23. A system for protecting a network from a virus contained in an e-mail message as executable code, the system comprising:
-
a workstation computer on the network used by a recipient of the e-mail message; a gatekeeper server, in communication with the workstation computer over the network, for receiving the e-mail message; and a computer on the network for converting the executable code from an executable format to a non-executable format and forwarding the non-executable format to the workstation computer, wherein the computer for converting is a sacrificial server which is separate from the gatekeeper sever, wherein the sacrificial server is examined for virus activity, wherein communications between the gatekeeper server and the sacrificial server are authenticated using a challenge-and-response technique.
-
-
31. A sacrificial server for use on a network, the sacrificial server comprising:
-
communication means for receiving an e-mail attachment from the network; and processing means for converting the e-mail attachment from an executable format to a non-executable format by using an application-level process which retains an appearance, human readability and semantic content of the e-mail message and for returning the e-mail attachment to the network. - View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
-
Specification