Methods apparatus and program products for wireless access points

US 7,380,268 B2
Filed: 11/20/2002
Issued: 05/27/2008
Est. Priority Date: 03/27/2002
Status: Active Grant

First Claim

Patent Images

1. A method comprisingmonitoring access points through which data can be exchanged with a network;

identifying an unauthorized access point;

in response to an unauthorized access point being identified, determining make, model and default configuration password of said identified unauthorized access point by monitoring traffic passing through said identified unauthorized access point;

addressing said identified unauthorized access point using said determined default configuration password; and

after gaining access thereto, reconfiguring said unauthorized access point to add an identity of said identified unauthorized access point to registers of ports for which charges are allocated such that access charges can be accumulated against said identity.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, apparatus and program products which monitor wireless access points (12, 16) through which data can be exchanged with a network (10), identify an unauthorized access point (16), and respond to monitored data flow in a variety of manners including determining the location of the identified unauthorized access point, establishing filtering, and controlling accounting for access services.

Citations

23 Claims

1. A method comprisingmonitoring access points through which data can be exchanged with a network;
- identifying an unauthorized access point;
  
  in response to an unauthorized access point being identified, determining make, model and default configuration password of said identified unauthorized access point by monitoring traffic passing through said identified unauthorized access point;
  
  addressing said identified unauthorized access point using said determined default configuration password; and
  
  after gaining access thereto, reconfiguring said unauthorized access point to add an identity of said identified unauthorized access point to registers of ports for which charges are allocated such that access charges can be accumulated against said identity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method according to claim 1, further comprising determining a geographical location of said identified unauthorized access point.
  - 3. The method according to one of claims 1 and 2, further comprising applying traffic filtering to monitored traffic passing through said identified unauthorized access point.
  - 4. The method according to one of claims 1 through 3, further comprising accumulating charges for access and usage of network resources identified to said identified unauthorized access point.
  - 5. The method according to one of claims 1 through 4, wherein said identifying further includes comparing identities of monitored access points with a database of authorized access points.
  - 6. The method according to claim 5, wherein said monitoring further includes equipping each of a plurality of computer devices to detect access points accessible to said computer devices and to report to a server computer system identities of detected access points.
  - 7. The method according to claim 5, wherein said monitoring further includes querying network nodes for recent entries into node identifying connectivity tables maintained at said network nodes.
  - 8. The method according to one of claims 6 and 7, wherein said monitoring is performed intermittently and periodically.
  - 9. The method according to claim 8, wherein said monitoring is performed at predetermined regular intervals.
  - 10. The method according to claim 8, wherein said monitoring is performed at random irregular intervals.
  - 11. The method according to claim 2, wherein said determining geographic location further includes comparing locations of a plurality of computer devices all of which report detection of said identified unauthorized access point.
  - 12. The method according to claim 3, wherein said applying further includes denying access to said network through said identified unauthorized access point.

13. An apparatus comprising:
- a computer system;
  
  a network interface connected to said computer system to provide a communication channel between said computer system and a network;
  
  means for monitoring access points through which data can be exchanged with said network;
  
  means for identifying an unauthorized access point;
  
  means for, in response to an unauthorized access point being identified, determining make, model and default configuration password of said identified unauthorized access point by monitoring traffic passing through said identified unauthorized access point;
  
  means for addressing said identified unauthorized access point using said determined default configuration password; and
  
  means for, after gaining access thereto, reconfiguring said unauthorized access point to add an identity of said identified unauthorized access point to registers of ports for which charges are allocated such that access charges can be accumulated against said identity.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The apparatus according to claim 13, wherein said computer system is a workstation computer system.
  - 15. The apparatus according to claim 13, wherein said computer system is a server computer system.
  - 16. The apparatus according to one of claims 14 and 15, further comprising a geographical location determining program effective when executing to derive said physical location of an unauthorized access point.
  - 17. The apparatus according to one of claims 14 through 16, further comprising a traffic filter controlling program effective when executing to selectively impose a filter on traffic exchanged with said network through an unauthorized node.
  - 18. The apparatus according to one of claims 14 through 17, further comprising an accounting control program effective when executing to accumulate charges for access and usage of network resources identified to said identified unauthorized access point.

19. A computer storage medium having a computer program product comprising:
- computer program code for monitoring access points through which data can be exchanged with a network;
  
  computer program code for identifying an unauthorized access point;
  
  computer program code for, in response to an unauthorized access point being identified, determining make, model and default configuration password of said identified unauthorized access point by monitoring traffic passing through said identified unauthorized access point;
  
  computer program code for addressing said identified unauthorized access point using said determined default configuration password; and
  
  computer program code for, after gaining access thereto, reconfiguring said unauthorized access point to add an identity of said identified unauthorized access point to registers of ports for which charges are allocated such that access charges can be accumulated against said identity.
- View Dependent Claims (20, 21, 22, 23)
- - 20. The computer storage medium according to claim 19, wherein said computer storage medium further includes computer program code for determining a geographical location of said identified unauthorized access point.
  - 21. The computer storage medium according to one of claims 19 and 20, wherein said computer storage medium further includes computer program code for applying traffic filtering to monitored traffic passing through said identified unauthorized access point.
  - 22. The computer storage medium according to one of claims 19 through 21, wherein said computer storage medium further includes computer program code for accumulating charges for access and usage of network resources identified to said identified unauthorized access point.
  - 23. The computer storage medium according to one of claims 19 through 22, wherein said computer storage medium further includes computer program code for comparing identity of monitored access points with a database of authorized access points.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lenovo PC International Limited (Lenovo Group Ltd.)
Original Assignee
Lenovo Singapore Pte Limited (Lenovo Group Ltd.)
Inventors
Schales, Douglas L., Kump, Garry M., Safford, David R., Challener, David C., Van Doorn, Leendert P., Noel, Francis E. Jr.
Primary Examiner(s)
Song; Hosuk

Application Number

US10/507,546
Publication Number

US 20050114649A1
Time in Patent Office

2,015 Days
Field of Search

726/11, 726 13- 14, 726 22- 25, 726 2- 4, 709223-225
US Class Current

726/2
CPC Class Codes

H04L 41/12   Discovery or management of ...

H04L 41/34   Signalling channels for net...

H04L 63/02   for separating internal fro...

H04L 63/1408   by monitoring network traff...

H04M 1/68   Circuit arrangements for pr...

H04W 12/122   Counter-measures against at...

Methods apparatus and program products for wireless access points

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Methods apparatus and program products for wireless access points

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links