John H McDonald
Radiology at Longchamp Dr, Jacksonville, FL

6513122, Jan 28, 2003

Jun 29, 2001

09/895500

James S. Magdych - Chino CA
Tarik Rahmanovic - Germantown MD
John R. McDonald - Jacksonville FL
Brock E. Tellier - Stamford CT
Anthony C. Osborne - Sydney, AU
Nishad P. Herath - Sydney, AU

Networks Associates Technology, Inc. - Santa Clara CA

H04L 900

713201, 713200, 713188

A system, method and computer program product are provided for detecting attacks on a network. Initially, data is received from a remote source which is destined for a target. A portion of such data is then discarded based on a predetermined set of rules utilizing a firewall which is coupled to the remote source. Remaining data is subsequently passed to an intrusion detection system coupled between the firewall and the target. Such data is parsed to identify data representing text (i. e. ASCII or UNICODE text) therein utilizing the intrusion detection system. Thereafter, the data representing text- is compared to a predetermined list of data representing text-associated with attacks utilizing the intrusion detection system. Based on the comparison, some of the data representing text are marked as hostile. The data representing text-that are marked as hostile are then acted upon in order to prevent an attack.

7124181, Oct 17, 2006

Jun 29, 2001

09/895536

James S. Magdych - Chino CA, US
Tarik Rahmanovic - Germantown MD, US
John R. McDonald - Jacksonville FL, US
Brock E. Tellier - Stamford CT, US
Anthony C. Osborne - Sydney, AU
Nishad P. Herath - Sydney, AU

McAfee, Inc. - Santa Clara CA

G06F 15/16

709224, 726 25

A system, method and computer program product are provided for executing a risk-assessment scan with a variable timeout duration which is set based on network conditions. Initially, network conditions are measured in a network coupled between a source and a target. Subsequently, a risk-assessment scan is executed on the target from the source. A timeout is performed prior to making a determination that the target is failing to respond to the risk-assessment scan. Such timeout includes a variable duration which is set as a function of the measured network conditions.

7003561, Feb 21, 2006

Jun 29, 2001

09/895535

James S. Magdych - Chino CA, US
Tarik Rahmanovic - Germantown MD, US
John R. McDonald - Jacksonville FL, US
Brock E. Tellier - Stamford CT, US
Anthony C. Osborne - Sydney, AU
Nishad P. Herath - Sydney, AU

McAfee, Inc. - Santa Clara CA

G06F 15/16

709223, 726 22, 726 25

A system, method and computer program product are provided for minimizing the duration of a risk-assessment scan. Initially, a plurality of risk-assessment modules are selected each including vulnerability checks associated with a risk-assessment scan. Thereafter, a first set of ports is determined. Such first set of ports is required for communicating with network components subject to the risk-assessment modules associated with the risk-assessment scan. A port scan is subsequently executed on the first set of ports. Based on such port scan, a second set of ports is determined which includes ports unavailable for communicating with the network components subject to the risk-assessment modules associated with the risk-assessment scan. The risk-assessment modules associated with the second set of ports may then be disabled to minimize the duration of the risk-assessment scan.

8266703, Sep 11, 2012

Sep 12, 2007

11/854412

James S. Magdych - Chino CA, US
Tarik Rahmanovic - Germantown MD, US
John R. McDonald - Jacksonville FL, US
Brock E. Tellier - Stamford CT, US

McAfee, Inc. - Santa Clara CA

G06F 12/14

726 25

A system, method and computer program product are provided for prioritized network security. Initially, a risk assessment scan is conducted for identifying vulnerabilities on a network device. Next, network communications are identified that exploit the vulnerabilities identified by the risk assessment scan before identifying network communications that exploit other vulnerabilities. In other words, network communications are monitored for identifying any exploitation of the vulnerabilities identified by the risk assessment scan before identifying any exploitation of other vulnerabilities.

7096503, Aug 22, 2006

Jun 29, 2001

09/895508

James S. Magdych - Chino CA, US
Tarik Rahmanovic - Germantown MD, US
John R. McDonald - Jacksonville FL, US
Brock E. Tellier - Stamford CT, US
Anthony C. Osborne - Sydney, AU
Nishad P. Herath - Sydney, AU

McAfee, Inc. - Santa Clara CA

G06F 11/36

726 25, 726 22, 713189, 713194

A system, method and computer program product are provided for remotely detecting vulnerabilities on a local computer. Initially, an agent is installed on a local computer for receiving encrypted commands from a remote computer utilizing a network. Next, the commands are decrypted and processed on the local computer utilizing the agent. A risk-assessment scan is then performed on the local computer utilizing the agent in accordance with the processed commands for the purpose of remotely detecting local vulnerabilities on the local computer.

7549168, Jun 16, 2009

Jun 29, 2006

11/477888

James S. Magdych - Chino CA, US
Tarik Rahmanovic - Germantown MD, US
John R. McDonald - Jacksonville FL, US
Brock E. Tellier - Stamford CT, US
Anthony C. Osborne - Sydney, AU
Nishad P. Herath - Syndey, AU

McAfee, Inc. - Santa Clara CA

G06F 11/00

726 25, 726 22

A system, method and computer program product are provided. Commands are received for executing a risk-assessment scan from a remote computer utilizing a network. The commands are processed on a local computer utilizing an agent. Further, the risk-assessment scan is performed on the local computer in accordance with the processed commands to remotely detect local vulnerabilities on the local computer. Such agent includes a plurality of risk-assessment modules. Further, the commands execute the risk-assessment modules in a specific manner that is configured at the remote computer.

7779468, Aug 17, 2010

Sep 14, 2007

11/855949

James S. Magdych - Chino CA, US
Tarik Rahmanovic - Germantown MD, US
John R. McDonald - Jacksonville FL, US
Brock E. Tellier - Stamford CT, US

McAfee, Inc. - Santa Clara CA

G06F 11/00, G08B 23/00, G06F 15/173

726 22, 726 23, 726 24, 726 25, 713 1, 709223, 709224

A system and associated method/computer program product are provided including an intrusion detection tool for determining whether network communications violate at least one of a plurality of policies. Such policies are defined to detect potential attacks in the network communications. Further included is a vulnerability assessment scanning tool coupled to the intrusion detection tool. The vulnerability assessment scanning tool is adapted for performing a vulnerability assessment scan for identifying vulnerabilities.