Automated method and system for monitoring local area computer networks for unauthorized wireless access
8 Assignments
0 Petitions
Accused Products
Abstract
The wireless activity in a geographic area containing LAN connection ports is monitored using one or more sensor devices, called sniffers. By analyzing said wireless activity, one or more APs that are operating in said geographic area are identified. The active APs so identified are classified into three categories, namely “authorized” APs (those that are allowed by network administrator), “unauthorized” APs (those that are not allowed by the network administrator, but are still connected to the LAN of interest) and “external” APs (those that are not allowed by network administrator but are not connected to the LAN of interest, for example APs connected to the neighbor'"'"'s LAN) by conducting one or more tests. The sniffers detect any wireless station attempting to connect to or communicating with the one or more identified unauthorized APs. Upon identifying unauthorized AP and/or intruding wireless station an indication is transferred to the prevention process.
-
Citations
58 Claims
-
1-50. -50. (canceled)
-
51. A method for monitoring for unauthorized wireless access to computer network, the method comprising:
-
monitoring wireless communications within a selected geographic region, the selected geographic region including a wired portion of a computer network that is to be protected from unauthorized wireless access; detecting a first active wireless access point device that transmits wireless signals within the selected geographic region, the first active wireless access point device being configured to perform a network address translation (NAT) function between its wired and wireless interfaces; transmitting a first marker packet over a wireless link to the first active wireless access point device, the first marker packet being adapted to be received by the wireless interface of the first active wireless access point device and being adapted to be transferred through the first active wireless access point device to its wired interface and being destined to a predetermined computing device coupled to the computer network; determining that the first marker packet is received at the predetermined computing device coupled to the computer network; determining that the first active wireless access point device is connected to the wired portion of the computer network based at least upon the determining that the first marker packet is received at the predetermined computing device coupled to the computer network; and determining that the first active wireless access point device provides unauthorized wireless access to the wired portion of the computer network based at least upon the determining that the first active wireless access point device is connected to the wired portion. - View Dependent Claims (52, 53, 54, 55)
-
-
56. An apparatus for monitoring for unauthorized wireless access to computer network, the apparatus comprising:
-
a first radio interface; a processor unit; and a computer readable medium storing instructions executable by the processor unit to perform steps of; monitoring wireless communications using the first radio interface; detecting a first active wireless access point device within a radio coverage range of the radio interface, the first active wireless access point device being configured to perform a network address translation (NAT) function between its wired and wireless interfaces, the radio coverage range of the radio interface including at least one connection point on a wired portion of a computer network that is to be protected from unauthorized wireless access; transmitting a first marker packet over a wireless link using the first radio interface to the first active wireless access point device, the first marker packet being adapted to be received by the wireless interface of the first active wireless access point device and being adapted to be transferred through the first active wireless access point device to its wired interface and being destined to a predetermined computing device coupled to the computer network; determining that the first marker packet is received at the predetermined computing device coupled to the computer network; determining that the first active wireless access point device is connected to the wired portion of the computer network based at least upon the determining that the first marker packet is received at the predetermined computing device coupled to the computer network; and determining that the first active wireless access point device provides unauthorized wireless access to the wired portion of the computer network based at least upon the determining that the first active wireless access point device is connected to the wired portion. - View Dependent Claims (57, 58)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeArista Networks, Inc.
-
Original AssigneeAirtight Networks Incorporated (Arista Networks, Inc.)
-
InventorsBhagwat, Pravin, Gogate, Shantanu, King, David C.
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current726/23
-
CPC Class CodesG06F 21/55 Detecting local intrusion o...H04L 43/00 Arrangements for monitoring...H04L 63/1416 Event detection, e.g. attac...H04L 69/16 Implementation or adaptatio...H04L 69/161 Implementation details of T...H04L 69/163 In-band adaptation of TCP d...H04W 12/03 Protecting confidentiality,...H04W 12/069 using certificates or pre-s...H04W 12/088 using filters or firewallsH04W 12/102 Route integrity, e.g. using...H04W 12/122 Counter-measures against at...
