Method applicable to wireless lan for security control and attack detection
First Claim
Patent Images
1. A method applicable to wireless LAN for security control and attack detection, comprising:
- (a) Establishing an association between a new wireless station and a wireless base station by a Network Management Console (NMC) when the new wireless station is found having a correct Service Set Identifier (SSID), a correct key value of the Wired Equivalent Privacy (WEP), and a pre-registered Media Access Control address (MAC address) on an Access Point;
(b) Exporting a Standard Network Management Protocol (SNMP) Trap from the wireless base station to inform the NMC of the participation of the new wireless station;
(c) Dispatching a request from the new wireless station to a Dynamic Host configuration Protocol Server (DHCP Server) for an IP address;
(d) Providing a new IP address from the DHCP Server to the new wireless station in return if the request in step (c) is approved;
(e) Dispatching a request from the NMC to the new wireless station for an IP address;
(f) Reporting to the NMC of the IP address owned by the new wireless station;
in which the steps (e) and (f) are accomplished by either;
(A) Sending a request from the NMC for a Reverse Address Resolution Protocol (RARP) Packet having a given Media Access Control address (MAC address), to which the wireless station would reply with its IP address;
or (B) Dispatching a broadcast packet from the NMC to the entire network requesting for IP addresses, to which All the wireless stations in the network would return with their IP addresses so that the NMC can analyze those address packets based on the MAC addresses to thereby find out the IP address of the specified wireless station, such that the NMC has the MAC address and IP address of the new wireless station;
(g) Dispatching a request from the NMC for computer name so that the new wireless station would report its own computer name in response to the request;
(h) Performing the foregoing report action in step (g) by using a tool program set up on a driver of the new wireless station;
(i) Checking the returned computer name by the NMC to make sure whether the name is already logged in a legal name list or not, if negative, the NMC is supposed to instruct the wireless base station to deny the request for service from the illegal user (wireless station) through the SNMP, and upon receipt of a denial instruction, the wireless base station is to log off all the traffic provided to the wireless station; and
(j) Updating the warning message or beeping or dispatching a warning message in form of an E-mail when the NMC has detected an illegal wireless station.
1 Assignment
0 Petitions
Accused Products
Abstract
A method applicable to wireless LAN for security control and attack detection is firstly like an identity authentication mechanism implemented in a Radius Server, and secondly capable of eliminating the formalities of user authentication adopted by that Radius Server, and thirdly capable of detecting effectively an attack and informing the system manager of the same, or rejecting the request for service from an illegal user.
100 Citations
5 Claims
-
1. A method applicable to wireless LAN for security control and attack detection, comprising:
-
(a) Establishing an association between a new wireless station and a wireless base station by a Network Management Console (NMC) when the new wireless station is found having a correct Service Set Identifier (SSID), a correct key value of the Wired Equivalent Privacy (WEP), and a pre-registered Media Access Control address (MAC address) on an Access Point;
(b) Exporting a Standard Network Management Protocol (SNMP) Trap from the wireless base station to inform the NMC of the participation of the new wireless station;
(c) Dispatching a request from the new wireless station to a Dynamic Host configuration Protocol Server (DHCP Server) for an IP address;
(d) Providing a new IP address from the DHCP Server to the new wireless station in return if the request in step (c) is approved;
(e) Dispatching a request from the NMC to the new wireless station for an IP address;
(f) Reporting to the NMC of the IP address owned by the new wireless station;
in which the steps (e) and (f) are accomplished by either;
(A) Sending a request from the NMC for a Reverse Address Resolution Protocol (RARP) Packet having a given Media Access Control address (MAC address), to which the wireless station would reply with its IP address;
or(B) Dispatching a broadcast packet from the NMC to the entire network requesting for IP addresses, to which All the wireless stations in the network would return with their IP addresses so that the NMC can analyze those address packets based on the MAC addresses to thereby find out the IP address of the specified wireless station, such that the NMC has the MAC address and IP address of the new wireless station;
(g) Dispatching a request from the NMC for computer name so that the new wireless station would report its own computer name in response to the request;
(h) Performing the foregoing report action in step (g) by using a tool program set up on a driver of the new wireless station;
(i) Checking the returned computer name by the NMC to make sure whether the name is already logged in a legal name list or not, if negative, the NMC is supposed to instruct the wireless base station to deny the request for service from the illegal user (wireless station) through the SNMP, and upon receipt of a denial instruction, the wireless base station is to log off all the traffic provided to the wireless station; and
(j) Updating the warning message or beeping or dispatching a warning message in form of an E-mail when the NMC has detected an illegal wireless station. - View Dependent Claims (2, 3, 4, 5)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeNational Datacomm Corp. (Usi Corporation)
-
Original AssigneeNational Datacomm Corp. (Usi Corporation)
-
InventorsWu, Chi-Kai
-
Application NumberUS10/126,077Publication NumberTime in Patent OfficeDaysField of SearchUS Class Current713/200CPC Class CodesH04L 63/1408 by monitoring network traff...H04W 12/121 Wireless intrusion detectio...H04W 12/122 Counter-measures against at...
