Anti-spoofing system and method
First Claim
1. A method for preventing network address spoofing in respect of a plurality of mobile units within a wireless network, said wireless network including an access controller and first and second radio units, said method comprising:
- (a) associating a first mobile unit to the first radio unit, determining the network address of said first mobile unit and maintaining a connectivity record that contains said network address and that indicates an association with said first radio unit;
(b) receiving an associate request from a second mobile unit to associate with the second radio unit and determining the network address of said second mobile unit;
(c) determining if the network address of the second mobile unit is the same as the network address of the first mobile unit;
(d) if the determination in (c) is true then retrieving the connectivity record associated with the network address of said first and mobile units and determining whether said connectivity record indicates an association with the first radio unit; and
(e) if the determination in (d) is true then executing an anti-spoofing protocol.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for preventing network address spoofing within a wireless local area network (LAN) that includes an access controller and first and second radio units. The method first associates a first mobile unit to the first radio unit, determines the network address of the first mobile unit and maintains a connectivity record that contains the network address and identifies that the first radio unit has been associated with. If a second mobile unit requests association with the second radio unit then the network address of the second mobile unit is determined. If the network address of the second mobile unit is the same as the network address of the first mobile unit then the connectivity record associated with the network address of said first and second mobile units is checked. If the connectivity record indicates an association with the first radio unit then an anti-spoofing protocol is executed.
108 Citations
20 Claims
-
1. A method for preventing network address spoofing in respect of a plurality of mobile units within a wireless network, said wireless network including an access controller and first and second radio units, said method comprising:
-
(a) associating a first mobile unit to the first radio unit, determining the network address of said first mobile unit and maintaining a connectivity record that contains said network address and that indicates an association with said first radio unit;
(b) receiving an associate request from a second mobile unit to associate with the second radio unit and determining the network address of said second mobile unit;
(c) determining if the network address of the second mobile unit is the same as the network address of the first mobile unit;
(d) if the determination in (c) is true then retrieving the connectivity record associated with the network address of said first and mobile units and determining whether said connectivity record indicates an association with the first radio unit; and
(e) if the determination in (d) is true then executing an anti-spoofing protocol. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A wireless network for preventing network address spoofing of a first mobile unit by a second mobile unit, said network comprising:
-
(a) first and second radio units;
(b) an access controller coupled to said first and second radio units and being adapted to;
(i) associate the first mobile unit to the first radio unit, determine the network address of said first mobile unit and maintain a connectivity record that contains said network address and that indicates an association with said first radio unit;
(ii) receive an associate request from a second mobile unit to associate with the second radio unit and determine the network address of said second mobile unit;
(iii) determine if the network address of the second mobile unit is the same as the network address of the first mobile unit;
(iv) retrieve the connectivity record associated with the network address of said first and mobile units if the determination in (iii) is true and determine whether said connectivity record indicates an association with the first radio unit; and
(v) execute an anti-spoofing protocol if the determination if (iv) is true. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification