1. Field of the Invention
The present invention relates generally to computer systems, and more particularly but not exclusively to computer networks.
2. Description of the Background Art
As is well known, computers belonging to a computer network may send data to one another. Data may be encapsulated and forwarded to other computers in packets. A packet may include a header indicating the source and the destination of the packet. For example, in an Ethernet packet, the MAC (Media Access Control) addresses of the source computer and the destination computer may be indicated in an Ethernet header. Generally speaking, a MAC address is a hardware address that uniquely identifies a computer in a computer network.
Computers in a computer network may communicate using the so-called OSI (Open System Interconnection) model, which is schematically illustrated in FIG. 1. The OSI model is well known in the art so it is only briefly described here. The OSI model has seven layers, namely layer 1 to layer 7. Layer 1 is the so-called “physical layer” and has to do with the physical medium that connects the computers together. Layer 7 is the so-called “application layer” and comprises applications enabled to communicate over the network. Layers 2-6 allow data from applications in layer 7 to be formatted into a packet, which is forwarded to a destination computer over physical media comprising layer 1. The destination computer may receive the packet and extract the data from it, also in accordance with the OSI model. Components for allowing a computer to communicate over a network, such as components corresponding to the layers of the OSI model, are also referred to herein as a “networking stack.” A TCP/IP stack is an example networking stack in an Ethernet network.
FIG. 2 schematically illustrates a boot up sequence for a computer coupled to a network. In step 202, a network interface card (NIC) driver in the computer is initialized. The NIC and its driver operate at layer 2 of the OSI model. In step 203, network protocol drivers, which operate at layer 3 of the OSI model, are initialized. In step 204, network-enabled applications at layer 7 of the OSI model are initialized. The aforementioned initialization process is performed in sequence. That is, network protocol drivers are initialized after the NIC driver; network-enabled applications are initialized after the network protocol drivers.
A computer may generate and transmit packets before its networking stack is completely initialized. Example packets that are generated prior to complete networking stack initialization include DHCP (Dynamic Host Configuration Protocol) and ARP (Address Resolution Protocol) packets. These packets, which are also referred to as “pre-IP” packets in an Ethernet network, may be generated by a computer prior to full initialization of network protocol drivers in layer 3. For example, in a computer configured as a DHCP client, initialization of network protocol drivers in step 203 requires the computer to send out DHCP request packets to a DHCP server to retrieve IP parameters, such as IP address, DNS server information, and default gateway server information. It is possible for these pre-IP packets to carry malicious content, such as a computer virus. Unfortunately, most computers are not capable of scanning packets for malicious content prior to complete initialization of the networking stack. Furthermore, antivirus enforcement policies implemented at a switch level may not allow a computer to transmit these pre-IP packets over the network, thereby preventing the computer from properly booting up.
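As an added illustration (not part of the original text or of any implementation it describes), the following Python sketch shows how a layer 2 monitor could read the source and destination MAC addresses from an Ethernet header and recognize the ARP and DHCP "pre-IP" packets discussed above. The function names and sample frames are constructed for this example; it assumes untagged Ethernet II frames and IPv4, and identifies DHCP by its standard UDP ports 67 and 68.

```python
import struct

ETHERTYPE_IPV4, ETHERTYPE_ARP = 0x0800, 0x0806
IPPROTO_UDP = 17
DHCP_PORTS = (67, 68)  # DHCP/BOOTP server and client UDP ports

def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def classify_frame(frame: bytes) -> dict:
    """Classify an untagged Ethernet II frame as ARP, DHCP, or other (hypothetical helper)."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src = frame[0:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    kind = "other"
    if ethertype == ETHERTYPE_ARP:
        kind = "arp"
    elif ethertype == ETHERTYPE_IPV4 and len(frame) >= 14 + 20:
        ihl = (frame[14] & 0x0F) * 4            # IPv4 header length in bytes
        proto = frame[14 + 9]
        (flags_frag,) = struct.unpack("!H", frame[20:22])
        udp = 14 + ihl
        # Only the first fragment carries the UDP header; ignore later fragments.
        if (proto == IPPROTO_UDP and ihl >= 20 and not flags_frag & 0x1FFF
                and len(frame) >= udp + 4):
            sport, dport = struct.unpack("!HH", frame[udp:udp + 4])
            if sport in DHCP_PORTS and dport in DHCP_PORTS:
                kind = "dhcp"
    return {"src": mac_str(src), "dst": mac_str(dst), "kind": kind,
            "pre_ip": kind in ("arp", "dhcp")}

# Constructed sample frames (not captured traffic), broadcast from a made-up MAC.
def _eth(ethertype: int, payload: bytes) -> bytes:
    return b"\xff" * 6 + bytes.fromhex("020000000001") + struct.pack("!H", ethertype) + payload

def _ipv4(proto: int, payload: bytes) -> bytes:
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes(4), b"\xff" * 4) + payload

SAMPLE_ARP = _eth(ETHERTYPE_ARP, bytes(28))
SAMPLE_DHCP = _eth(ETHERTYPE_IPV4, _ipv4(IPPROTO_UDP, struct.pack("!HHHH", 68, 67, 8, 0)))
SAMPLE_TCP = _eth(ETHERTYPE_IPV4, _ipv4(6, struct.pack("!HH", 49152, 443) + bytes(16)))

if __name__ == "__main__":
    for name, frame in (("arp", SAMPLE_ARP), ("dhcp", SAMPLE_DHCP), ("tcp", SAMPLE_TCP)):
        print(name, classify_frame(frame))
```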