Identifying communicating network nodes in the same local network
First Claim
1. A method for distributing a common set of data to multiple network nodes of a networked system by a data distribution system, where the data distribution system comprises (A) a data distribution server software module installed on a data distribution remote computing device and (B) a data distribution agent software module installed on at least a first network node and a second network node of the networked system, the method for distributing the common set of data comprising:
a. receiving, by the data distribution server software module and from the first network node, first information about a first data packet, the first data packet being one member of the group consisting of (i) a data packet received by the first network node from another network node sharing a common broadcast domain with the first network node, and (ii) a data packet sent by the first network node only to one or more other network nodes sharing a common broadcast domain with the first network node, wherein execution of computer code of the data distribution agent software module by one or more processors of the first network node causes the one or more processors of the first network node to send the first information;
b. receiving, by the data distribution server software module and from the second network node, second information about a second data packet of the second network node, the second data packet being one member of the group consisting of (i) a data packet received by the second network node from another network node sharing a common broadcast domain with the second network node, and (ii) a data packet sent by the second network node only to one or more other network nodes sharing a common broadcast domain with the second network node, wherein execution of computer code of the data distribution agent software module by one or more processors of the second network node causes the one or more processors of the second network node to send the second information;
c. checking, by the data distribution server software module, whether the first information and the second information satisfy a matching condition; and
d. in response to a determination by the checking that the first information and the second information satisfy the matching condition, carrying out the following steps;
i. concluding, by the data distribution server software module, that the first data packet and the second data packet are a same data packet, and that the first network node and the second network node share a common broadcast domain; and
ii. delivering the common set of data to multiple network nodes of the common broadcast domain, the delivering comprising;
(A) transmitting the common set of data to the first network node, and
(B) causing the first network node to transmit the common set of data from the first network node to the second network node.
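An added sketch of steps a to d on the server side, not code from the patent or its assignee. The claim does not define the matching condition, so the report fields (`digest`, `seen_at`), the two-second window and the node names are assumptions made for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Report:
    node: str       # id of the reporting agent's node
    digest: str     # hash of a frame seen on the local segment (assumed field)
    seen_at: float  # observation time in seconds, shared clock (assumed field)

# Constructed sample reports: n4 sees the same bytes as n1/n2, but much later.
SAMPLE = [
    Report("n1", "aa11", 10.0), Report("n2", "aa11", 10.4),
    Report("n2", "bb22", 20.0), Report("n3", "bb22", 20.1),
    Report("n4", "aa11", 95.0), Report("n5", "cc33", 30.0),
]

def matches(a, b, window=2.0):
    """Assumed matching condition (step c): same digest, close in time."""
    return (a.node != b.node and a.digest == b.digest
            and abs(a.seen_at - b.seen_at) <= window)

def broadcast_domains(reports, window=2.0):
    """Step d.i: merge nodes whose reports match into one domain (union-find)."""
    parent = {r.node: r.node for r in reports}
    def find(n):
        while parent[n] != n:
            parent[n] = parent[parent[n]]  # path compression
            n = parent[n]
        return n
    by_digest = defaultdict(list)
    for r in reports:
        by_digest[r.digest].append(r)
    for group in by_digest.values():
        group.sort(key=lambda r: r.seen_at)
        for prev, cur in zip(group, group[1:]):
            if matches(prev, cur, window):
                parent[find(cur.node)] = find(prev.node)
    domains = defaultdict(set)
    for n in parent:
        domains[find(n)].add(n)
    return sorted(sorted(d) for d in domains.values())

def delivery_plan(domains):
    """Step d.ii: one server transfer per domain; that node relays to its peers."""
    plan = []
    for members in domains:
        relay, rest = members[0], members[1:]
        plan.append(("server", relay))
        plan.extend((relay, peer) for peer in rest)
    return plan
```

The time window is what keeps n4 out of the n1/n2/n3 domain: byte-identical frames can recur on unrelated segments, so a digest match alone would over-merge.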
Abstract
Methods and systems for executing a penetration test of a networked system by a penetration testing system so as to determine a method by which an attacker could compromise the networked system, and/or for distributing common sets of data to nodes of a networked system. The methods and systems include identifying network nodes which have shared broadcast domains.
20 Claims
1. (Claim 1 as set out under First Claim above.) Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19
20. A data distribution system for distributing a common set of data to multiple network nodes of a networked system, the networked system comprising a plurality of network nodes interconnected by one or more networks, the data distribution system comprising:
a. a first distribution-agent non-transitory computer-readable storage medium for storage of instructions for execution by one or more processors of a first network node, the first network node being in electronic communication with a data distribution remote computing device, the first distribution-agent non-transitory computer-readable storage medium having stored therein first instructions, that when executed by the one or more processors of the first network node, cause the one or more processors of the first network node to send, to the data distribution remote computing device, first information about a first data packet, the first data packet being one member of the group consisting of (i) a data packet received by the first network node from another network node sharing a common broadcast domain with the first network node, and (ii) a data packet sent by the first network node only to one or more other network nodes sharing a common broadcast domain with the first network node;
b. a second distribution-agent non-transitory computer-readable storage medium for storage of instructions for execution by one or more processors of a second network node, the second network node being in electronic communication with the data distribution remote computing device, the second reconnaissance-agent non-transitory computer-readable storage medium having stored therein second instructions, that when executed by the one or more processors of the second network node, cause the one or more processors of the second network node to send, to the data distribution remote computing device, second information about a second data packet of the second network node, the second data packet being one member of the group consisting of (i) a data packet received by the second network node from another network node sharing a common broadcast domain with the second network node, and (ii) a data packet sent by the second network node only to one or more other network nodes sharing a common broadcast domain with the second network node;
c. a distribution-server non-transitory computer-readable storage medium for storage of instructions for execution by one or more processors of the data distribution remote computing device, the distribution-server non-transitory computer-readable storage medium having stored therein;
i. third instructions, that when executed by the one or more processors of the data distribution remote computing device, cause the one or more processors of the data distribution remote computing device to receive, from the first network node, the first information sent by the first network node,
ii. fourth instructions, that when executed by the one or more processors of the data distribution remote computing device, cause the one or more processors of the data distribution remote computing device to receive, from the second network node, the second information sent by the second network node,
iii. fifth instructions, that when executed by the one or more processors of the data distribution remote computing device, cause the one or more processors of the data distribution remote computing device to check whether the first information and the second information satisfy a matching condition, and
iv. sixth instructions, that when executed by the one or more processors of the data distribution remote computing device, cause the one or more processors of the data distribution remote computing device to carry out the following steps in response to a determination made by executing the fifth instructions that the first information and the second information satisfy the matching condition;
A. concluding that the first data packet and the second data packet are a same data packet, and that the first network node and the second network node share a common broadcast domain, and
B. delivering the common set of data to multiple network nodes of the common broadcast domain shared by the first network node and the second network node, the delivering comprising;
(I) transmitting the common set of data to the first network node, and
(II) causing the first network node to transmit the common set of data from the first network node to the second network node.
Specification