Automated method and system for monitoring local area computer networks for unauthorized wireless access
8 Assignments
0 Petitions
Accused Products
Abstract
The wireless activity in a geographic area containing LAN connection ports is monitored using one or more sensor devices, called sniffers. By analyzing said wireless activity, one or more APs that are operating in said geographic area are identified. The active APs so identified are classified into three categories, namely “authorized” APs (those that are allowed by network administrator), “unauthorized” APs (those that are not allowed by the network administrator, but are still connected to the LAN of interest) and “external” APs (those that are not allowed by network administrator but are not connected to the LAN of interest, for example APs connected to the neighbor'"'"'s LAN) by conducting one or more tests. The sniffers detect any wireless station attempting to connect to or communicating with the one or more identified unauthorized APs. Upon identifying unauthorized AP and/or intruding wireless station an indication is transferred to the prevention process.
-
Citations
58 Claims
-
1-50. -50. (canceled)
-
51. A method for monitoring for unauthorized wireless access to computer network, the method comprising:
-
monitoring wireless communications within a selected geographic region, the selected geographic region including a wired portion of a computer network that is to be protected from unauthorized wireless access; detecting a first active wireless access point device that transmits wireless signals within the selected geographic region, the first active wireless access point device being configured to perform a network address translation (NAT) function between its wired and wireless interfaces; transmitting a first marker packet over a wireless link to the first active wireless access point device, the first marker packet being adapted to be received by the wireless interface of the first active wireless access point device and being adapted to be transferred through the first active wireless access point device to its wired interface and being destined to a predetermined computing device coupled to the computer network; determining that the first marker packet is received at the predetermined computing device coupled to the computer network; determining that the first active wireless access point device is connected to the wired portion of the computer network based at least upon the determining that the first marker packet is received at the predetermined computing device coupled to the computer network; and determining that the first active wireless access point device provides unauthorized wireless access to the wired portion of the computer network based at least upon the determining that the first active wireless access point device is connected to the wired portion. - View Dependent Claims (52, 53, 54, 55)
-
-
56. An apparatus for monitoring for unauthorized wireless access to computer network, the apparatus comprising:
-
a first radio interface; a processor unit; and a computer readable medium storing instructions executable by the processor unit to perform steps of; monitoring wireless communications using the first radio interface; detecting a first active wireless access point device within a radio coverage range of the radio interface, the first active wireless access point device being configured to perform a network address translation (NAT) function between its wired and wireless interfaces, the radio coverage range of the radio interface including at least one connection point on a wired portion of a computer network that is to be protected from unauthorized wireless access; transmitting a first marker packet over a wireless link using the first radio interface to the first active wireless access point device, the first marker packet being adapted to be received by the wireless interface of the first active wireless access point device and being adapted to be transferred through the first active wireless access point device to its wired interface and being destined to a predetermined computing device coupled to the computer network; determining that the first marker packet is received at the predetermined computing device coupled to the computer network; determining that the first active wireless access point device is connected to the wired portion of the computer network based at least upon the determining that the first marker packet is received at the predetermined computing device coupled to the computer network; and determining that the first active wireless access point device provides unauthorized wireless access to the wired portion of the computer network based at least upon the determining that the first active wireless access point device is connected to the wired portion. - View Dependent Claims (57, 58)
-
Specification