1. Field of the Invention
This invention relates to a communications system which has a server that has a plurality of ports, and more particularly to a method of and an apparatus for authenticating a client terminal by making use of port access to the server from the client terminal.
2. Description of the Related Art
For a client terminal, such as a personal computer (PC), to access a server, the following procedure is generally required. First, a client terminal accesses, among the ports that the server has, the port with a port number predetermined for communication use (or communications port). Then, the server requests the client terminal to input a password and other information and authenticates the terminal. After passing the authentication and getting a right of access, the client terminal can access various resources the server has.
As described above, it is a common practice to predetermine the port number for a port (communications port) for a client terminal to communicate with the server. For this reason, once an unauthorized server user, or a third party, knowns the predetermined communications port, he or she can access the port. In that case, since the accessing person is generally identified by a subsequent password authentication, the third party that does not know the password fails to pass authentication. In this case, with the client terminal, the third party cannot use various resources the server has. That is, access by the unauthorized server user, or the third party, to the server is limited by the password authentication even when the third party knows the port number of the communications port.
In the case of an ill-intentioned third party, he or she can access the communications port by means of the client terminal and, for example, send a large number of passwords mechanically by program processing, and thereby succeed in passing password authentication. In this case, there is a risk that the malicious third party will use freely the resources and other services the server has.