Detection of hidden wireless routers

US 20050060434A1
Filed: 01/14/2004
Published: 03/17/2005
Est. Priority Date: 09/12/2003
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving a protocol data unit that comprises a destination address; and

transmitting an alarm when said destination address is not associated with a secure access server.

View all claims

22 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A technique is disclosed for detecting hidden wireless routers that constitute security threats in telecommunications networks that comprise a wireless network portion and a wireline network portion. In accordance with the illustrative embodiment of the invention, a test station is used in the wireless portion of a network to detect the presence of a hidden wireless router. Furthermore, in some embodiments, a test server is used in the wireline portion of the network in order to detect packets that are illegitimately routed from the wireless portion to the wireline portion of the network through the hidden wireless router.

29 Citations

View as Search Results

17 Claims

1. A method comprising:
- receiving a protocol data unit that comprises a destination address; and
  
  transmitting an alarm when said destination address is not associated with a secure access server.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1 wherein said destination address is a data link layer address.
  - 3. The method of claim 1 wherein said destination address is a network layer address.
  - 4. The method of claim 1 wherein said destination address is associated with a device that is associated with:
    - (i) a network layer address in a first network, and (ii) a network layer address in a second network, wherein said first network and said second network are different.
  - 5. The method of claim 4 wherein said alarm comprises at least one of (i) said network layer address in a first network, and (ii) said network layer address in a second network.

6. A method comprising:
- (a) receiving a protocol data unit that comprises a data link layer destination address and a network layer destination address; and
  
  (b) transmitting an alarm when;
  
  (i) said data link layer destination address is not associated with a secure access server, and (ii) said network layer destination address is not associated with said secure access server.
- View Dependent Claims (7)
- - 7. The method of claim 6 wherein said data link layer destination address is associated with a device that is associated with:
    - (i) a network layer address in a first network, and (ii) a network layer address in a second network; and
      
      wherein said alarm comprises at least one of (i) said network layer address in a first network, and (ii) said network layer address in a second network.

8. A method comprising:
- receiving in a first network a protocol data unit that comprises a network layer destination address; and
  
  transmitting an alarm when said network layer destination address is a network layer address in a second network.
- View Dependent Claims (9)
- - 9. The method of claim 8 wherein said protocol data unit further comprises a data link layer destination address;
    - wherein said data link layer destination address is associated with a device that is associated with;
      
      (i) a network layer address in a first network, and (ii) a network layer address in a second network; and
      
      wherein said alarm comprises at least one of (i) said network layer address in a first network, and (ii) said network layer address in a second network.

10. A method comprising:
- receiving a first protocol data unit that comprises a data link layer destination address and a first network layer destination address;
  
  receiving a second protocol data unit that comprises said data link layer destination address and a second network layer destination address; and
  
  triggering an alarm when said data link layer address is different than the data link layer addresses of all authorized routers and said first network layer destination address is different than said second network layer destination address.
- View Dependent Claims (11)
- - 11. The method of claim 10 wherein said data link layer destination address is associated with a device that is associated with:
    - (i) a network layer address in a first network, and (ii) a network layer address in a second network; and
      
      wherein said alarm comprises at least one of (i) said network layer address in a first network, and (ii) said network layer address in a second network.

12. A method comprising:
- receiving a protocol data unit that comprises a data link layer destination address and a network layer destination address; and
  
  triggering an alarm when said data link layer destination address is associated with a different device than is said network layer destination address.
- View Dependent Claims (13)
- - 13. The method of claim 12 wherein said data link layer destination address is associated with a device that is associated with:
    - (i) a network layer address in a first network, and (ii) a network layer address in a second network; and
      
      wherein said alarm comprises at least one of (i) said network layer address in a first network, and (ii) said network layer address in a second network.

14. A method comprising:
- deploying a first station in a first network;
  
  deploying a server in a second network connected to said first network through a secure access server;
  
  transmitting from said first station a protocol data unit addressed to a second station in said first network, wherein said protocol data unit comprises an address of said server; and
  
  triggering an alarm if said protocol data unit is received at said server.
- View Dependent Claims (15, 16, 17)
- - 15. The method of claim 14 wherein said protocol data unit further comprises a network layer source address of said second station;
    - and wherein said alarm comprises said network layer source address.
  - 16. The method of claim 15 further comprising obtaining the wireline network port number corresponding to said network layer source address.
  - 17. The method of claim 16 further comprising disabling the network jack associated with said wireline network port number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avaya Incorporated
Original Assignee
Avaya Incorporated
Inventors
Krishnakumar, Anjur Sundaresan, Krishnan, P, Kappes, Martin, Ganu, Sachin Nandkumar, Fazal, Lookman

Granted Patent

US 7,840,698 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/247
CPC Class Codes

H04L 41/06   Management of faults, event...

H04L 41/12   Discovery or management of ...

H04L 63/0272   Virtual private networks

H04L 63/08   for authentication of entit...

H04L 63/1408   by monitoring network traff...

H04L 63/1433   Vulnerability analysis

H04W 12/122   Counter-measures against at...

Detection of hidden wireless routers

First Claim

22 Assignments

0 Petitions

Accused Products

Abstract

29 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Detection of hidden wireless routers

First Claim

22 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

29 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links