Network unauthorized access preventing system and network unauthorized access preventing apparatus

US 7,552,478 B2
Filed: 08/27/2004
Issued: 06/23/2009
Est. Priority Date: 08/28/2003
Status: Active Grant

First Claim

Patent Images

1. A network unauthorized access preventing system for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses connected to said network, said system comprising:

a network unauthorized access preventing apparatus which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after said information processing apparatus sends a correct response packet to said unauthorized apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address, wherein said network unauthorized access preventing apparatus comprises;

an authorization list storage unit which stores a physical address of an information processing apparatus which is authorized to access said network;

collects all packets transmitted via said network in an indiscriminate reception mode;

determines whether or not a physical address of a packet sender which is contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as said unauthorized apparatus in a case where the physical address is not registered in said authorization list storage unit;

sets a predetermined designation time when receiving the request;

in a case where the correct response packet is sent to said unauthorized apparatus from said information processing apparatus regardless of whether it is before or after the designation time elapses, receives the correct response packet and sends the response packet containing the false physical address to said unauthorized apparatus immediately after receiving the correct response packet; and

in a case where not receiving the correct response packet before the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus when the designation time elapses.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

There is disclosed a network unauthorized access preventing system in which in a network to which one or more information processing apparatuses and a network unauthorized access preventing apparatus are connected, an unauthorized apparatus which is not authorized to access the network is prevented from accessing the network. The system includes an information processing apparatus which sends a correct ARP response packet to the unauthorized apparatus in response to an ARP request broadcast from the unauthorized apparatus, and a network unauthorized access preventing apparatus which sends an ARP response packet containing a false MAC address as the MAC address of the information processing apparatus to the unauthorized apparatus immediately after the correct ARP response packet is sent to the unauthorized apparatus.

54 Citations

View as Search Results

22 Claims

1. A network unauthorized access preventing system for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses connected to said network, said system comprising:
- a network unauthorized access preventing apparatus which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after said information processing apparatus sends a correct response packet to said unauthorized apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address, wherein said network unauthorized access preventing apparatus comprises;
  
  an authorization list storage unit which stores a physical address of an information processing apparatus which is authorized to access said network;
  
  collects all packets transmitted via said network in an indiscriminate reception mode;
  
  determines whether or not a physical address of a packet sender which is contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as said unauthorized apparatus in a case where the physical address is not registered in said authorization list storage unit;
  
  sets a predetermined designation time when receiving the request;
  
  in a case where the correct response packet is sent to said unauthorized apparatus from said information processing apparatus regardless of whether it is before or after the designation time elapses, receives the correct response packet and sends the response packet containing the false physical address to said unauthorized apparatus immediately after receiving the correct response packet; and
  
  in a case where not receiving the correct response packet before the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus when the designation time elapses.

2. A network unauthorized access preventing system for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses connected to said network, said system comprising:
- a network unauthorized access preventing apparatus, wherein said network unauthorized access preventing apparatus;
  
  sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after said information processing apparatus sends a correct response packet to said unauthorized apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address; and
  
  at the same time, sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to said information processing apparatus.

3. A network unauthorized access preventing system for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses connected to said network, said system comprising:
- a network unauthorized access preventing apparatus which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after said information processing apparatus sends a correct response packet to said unauthorized apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address, wherein said network unauthorized access preventing apparatus;
  
  comprises an authorization list storage unit which stores a physical address of an information processing apparatus which is authorized to access said network;
  
  collects all packets transmitted via said network in an indiscriminate reception mode;
  
  determines whether or not a physical address of a packet sender contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as said unauthorized apparatus in a case where the physical address is not registered in said authorization list storage unit;
  
  sets a predetermined designation time when receiving the request;
  
  in a case where the correct response packet is sent to said unauthorized apparatus from said information processing apparatus regardless of whether it is before or after the designation time elapses, receives the correct response packet and sends the response packet containing the false physical address to said unauthorized apparatus immediately after receiving the correct response packet;
  
  in a case where not receiving the correct response packet before the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus when the designation time elapses;
  
  and at the same time, sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to said information processing apparatus.

4. A network unauthorized access preventing system for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses connected to said network, said system comprising:
- a network unauthorized access preventing apparatus which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after said information processing apparatus sends a correct response packet to said unauthorized apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address, wherein said network unauthorized access preventing apparatus;
  
  sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus; and
  
  at the same time, sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all information processing apparatuses existing in a same subnet as said information processing apparatus.

5. A network unauthorized access preventing system for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses connected to said network, said system comprising:
- a network unauthorized access preventing apparatus which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after said information processing apparatus sends a correct response packet to said unauthorized apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address, wherein said network unauthorized access preventing apparatus;
  
  comprises an authorization list which stores a physical address of an information processing apparatus which is authorized to access said network;
  
  collects all packets transmitted via said network in an indiscriminate reception mode;
  
  determines whether or not a physical address of a packet sender contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as the unauthorized apparatus in a case where the physical address is not registered in said authorization list storage unit;
  
  sets a predetermined designation time when receiving the request;
  
  in a case where the correct response packet is sent to said unauthorized apparatus from said information processing apparatus regardless of whether it is before or after the designation time elapses, receives the correct response packet and sends the response packet containing the false physical address to said unauthorized apparatus immediately after receiving the correct response packet;
  
  in a case where not receiving the correct response packet before the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus when the designation time elapses; and
  
  at the same time sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all information processing apparatuses that exist in a same subnet as said information processing apparatus.

6. A network unauthorized access preventing system for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses connected to said network, said system comprising:
- a network unauthorized access preventing apparatus which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after said information processing apparatus sends a correct response packet to said unauthorized apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address, comprising an external information processing apparatus which is connected to said network via a relay apparatus, wherein said network unauthorized access preventing apparatus;
  
  comprises a relay apparatus list storage unit which stores a physical address of a relay apparatus connected to said network;
  
  determines whether said unauthorized apparatus attempts to access an information processing apparatus existing in said network or attempts to access an external information processing apparatus existing in an external network based on an IP address of an information processing apparatus which said unauthorized apparatus attempts to access which IP address is contained in the request, and in a case where said unauthorized apparatus attempts to access an external information processing apparatus existing in an external network;
  
  sends a response packet containing a false physical address as a physical address of said relay apparatus to said unauthorized apparatus; and
  
  sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all relay apparatuses whose physical address is stored in said relay apparatus list storage unit.

7. A network unauthorized access preventing system for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses connected to said network, said system comprising:
- a network unauthorized access preventing apparatus which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after said information processing apparatus sends a correct response packet to said unauthorized apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address, comprising an external information processing apparatus which is connected to said network via a relay apparatus, wherein said network unauthorized access preventing apparatus;
  
  comprises an authorization list storage unit which stores a physical address of an information processing apparatus which is authorized to access said network;
  
  comprises a relay apparatus list storage unit which stores a physical address of a relay apparatus which is connected to said network;
  
  collects all packets transmitted via said network in an indiscriminate reception mode;
  
  determines whether or not a physical address of a packet sender contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as the unauthorized apparatus in a case where the physical address is not registered in said authorization list storage unit;
  
  sets a predetermined designation time when receiving the request;
  
  in a case where the correct response packet is sent to said unauthorized apparatus from said information processing apparatus regardless of whether it is before or after the designation time elapses, receives the correct response packet ad sends the response packet containing the false physical address to said unauthorized apparatus immediately after receiving the correct response packet;
  
  determines whether said unauthorized apparatus attempts to access an information processing apparatus existing in said network or attempts to access an external information processing apparatus existing in an external network based on an IP address of an information processing apparatus which said unauthorized apparatus attempts to access which IP address is contained in the request, and in a case where said unauthorized apparatus attempts to access an external information processing apparatus existing in an external network;
  
  sends a response packet containing a false physical address as a physical address of said relay apparatus to said unauthorized apparatus; and
  
  sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all relay apparatuses whose physical address is stored in said relay apparatus list storage unit.

8. A network unauthorized access preventing system for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses connected to said network, said system comprising:
- a network unauthorized access preventing apparatus which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after said information processing apparatus sends a correct response packet to said unauthorized apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address, comprising an external information processing apparatus which is connected to said network via a relay network, wherein said network unauthorized access preventing apparatus;
  
  comprises a relay apparatus list storage unit which stores a physical address of a relay apparatus connected to said network;
  
  determines whether said unauthorized apparatus attempts to access an information processing apparatus existing in said network or attempts to access an external information processing apparatus existing in an external network, based on an IP address of an information processing apparatus which said unauthorized apparatus attempts to access which IP address is contained in the request, and in a case where said unauthorized apparatus attempts to access an external information processing apparatus existing in an external network;
  
  sends a response packet containing a false physical address as a physical address of said relay apparatus to said unauthorized apparatus;
  
  sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all relay apparatuses whose physical address is stored in said relay apparatus list storage unit;
  
  sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus; and
  
  sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to said information processing apparatus.

9. A network unauthorized access preventing system for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses connected to said network, said system comprising:
- a network unauthorized access preventing apparatus which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after said information processing apparatus sends a correct response packet to said unauthorized apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address, comprising an external information processing apparatus which is connected to said network via a relay apparatus, wherein said network unauthorized access preventing apparatus;
  
  comprises a relay apparatus list storage unit which stores a physical address of a relay apparatus connected to said network;
  
  determines whether said unauthorized apparatus attempts to access an information processing apparatus existing in said network or attempts to access an external information processing apparatus existing in an external network, based on an IP address of an information processing apparatus which said unauthorized apparatus attempts to access which IP address is contained in the request, and in a case where said unauthorized apparatus attempts to access an external information processing apparatus existing in an external network;
  
  sends a response packet containing a false physical address as a physical address of said relay apparatus to said unauthorized apparatus;
  
  sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all relay apparatuses whose physical address is stored in said relay apparatus list storage unit;
  
  sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus; and
  
  sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all information processing apparatuses that exist in a same subnet as said information processing apparatus.

10. A network unauthorized access preventing system for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses connected to said network, said system comprising:
- a network unauthorized access preventing apparatus which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after said information processing apparatus sends a correct response packet to said unauthorized apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address, comprising an external information processing apparatus which is connected to said network via a relay apparatus, wherein said network unauthorized access preventing apparatus;
  
  comprises an authorization list storage unit which stores a physical address of an information processing apparatus which is authorized to access said network, and a relay apparatus list storage unit which stores a physical address of a relay apparatus which is connected to said network;
  
  collects all packets transmitted via said network in an indiscriminate reception mode;
  
  determines whether a physical address of a packet sender which is contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as said unauthorized apparatus in a case where the physical address is not registered;
  
  sets a predetermined designation time when receiving the request;
  
  in a case where the correct response packet is sent to said unauthorized apparatus from said information processing apparatus regardless of whether it is before or after the designation time elapses, receives the correct response packet and sends the response packet containing the false physical address to said unauthorized apparatus immediately after receiving the correct response packet;
  
  in a case where not receiving the correct response packet before the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus when the designation time elapses;
  
  sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to said information processing apparatus;
  
  determines whether said unauthorized apparatus attempts to access an information processing apparatus existing in said network or attempts to access an external information processing apparatus existing in an external network based on an IP address of an information processing apparatus which said unauthorized apparatus attempts to access which IP address is contained in the request, and in a case where said unauthorized apparatus attempts to access an external information processing apparatus existing in an external network;
  
  sends a response packet containing a false physical address as a physical address of said relay apparatus to said unauthorized apparatus; and
  
  sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all relay apparatuses whose physical address is stored in said relay apparatus list storage unit.

11. A network unauthorized access preventing system for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses connected to said network, said system comprising:
- a network unauthorized access preventing apparatus which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after said information processing apparatus sends a correct response packet to said unauthorized apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address, comprising an external information processing apparatus which is connected to said network via a relay apparatus, wherein said network unauthorized access preventing apparatus;
  
  comprises an authorization list storage unit which stores a physical address of an information processing apparatus which is authorized to access said network, and a relay apparatus list storage unit which stores a physical address of a relay apparatus which is connected to said network;
  
  collects all packets transmitted via said network in an indiscriminate reception mode;
  
  determines whether a physical address of a packet sender which is contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as said unauthorized apparatus in a case where the physical address is not registered;
  
  sets a predetermined designation time when receiving the request;
  
  in a case where the correct response packet is sent to said unauthorized apparatus from said information processing apparatus regardless of whether it is before or after the designation time elapses, receives the correct response packet and sends the response packet containing the false physical address to said unauthorized apparatus immediately after receiving the correct response packet;
  
  in a case where not receiving the correct response packet before the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus when the designation time elapses;
  
  sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all information processing apparatuses that exist in a same subnet as said information processing apparatus;
  
  determines whether said unauthorized apparatus attempts to access an information processing apparatus existing in said network or attempts to access an external information processing apparatus existing in an external network based on an IP address of an information processing apparatus which said unauthorized apparatus attempts to access which IP address is contained in the request, and in a case where said unauthorized apparatus attempts to access an external information processing apparatus existing in an external network;
  
  sends a response packet containing a false physical address as a physical address of said relay apparatus to said unauthorized apparatus; and
  
  sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all relay apparatuses whose physical address is stored in said relay apparatus list storage unit.

12. A network unauthorized access preventing apparatus for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses in said network, said apparatus comprising:
- an authorization list storage unit which stores a physical address of an information processing apparatus which is authorized to access said network;
  
  a packet collection unit which collects all packets transmitted via said network in an indiscriminate reception mode;
  
  an access authorization determination unit which determines whether a physical address of a packet sender which is contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as said unauthorized apparatus in a case where the physical address is not registered; and
  
  a false packet sending unit which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after a correct response packet is sent to said unauthorized apparatus from said information processing apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address, wherein said false packet sending unit;
  
  sets a predetermined designation time when said network unauthorized access preventing apparatus receives the request;
  
  in a case where the correct response packet is sent to said unauthorized apparatus from said information processing apparatus regardless of whether it is before or after the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus immediately after said network unauthorized access preventing apparatus receives the correct response packet; and
  
  in a case where said network unauthorized access preventing apparatus does not receive the correct response packet before the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus when the designation time elapses.

13. A network unauthorized access preventing apparatus for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses in said network, said apparatus comprising:
- an authorization list storage unit which stores a physical address of an information processing apparatus which is authorized to access said network;
  
  a packet collection unit which collects all packets transmitted via said network in an indiscriminate reception mode;
  
  an access authorization determination unit which determines whether a physical address of a packet sender which is contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as said unauthorized apparatus in a case where the physical address is not registered; and
  
  a false packet sending unit which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after a correct response packet is sent to said unauthorized apparatus from said information processing apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address, wherein said false packet sending unit;
  
  sends a packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus; and
  
  at the same time, sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to said information processing apparatus.

14. A network unauthorized access preventing apparatus for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses in said network, said apparatus comprising:
- an authorization list storage unit which stores a physical address of an information processing apparatus which is authorized to access said network;
  
  a packet collection unit which collects all packets transmitted via said network in an indiscriminate reception mode;
  
  an access authorization determination unit which determines whether a physical address of a packet sender which is contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as said unauthorized apparatus in a case where the physical address is not registered; and
  
  a false packet sending unit which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after a correct response packet is sent to said unauthorized apparatus from said information processing apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address, wherein said false packet sending unit;
  
  sets a predetermined designation time when said network unauthorized access preventing apparatus receives the request;
  
  in a case where the correct response packet is sent to said unauthorized apparatus from said information processing apparatus regardless of whether it is before or after the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus immediately after said network unauthorized access preventing apparatus receives the correct response packet;
  
  in a case where said network unauthorized access preventing apparatus does not receive the correct response packet before the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus when the designation time elapses; and
  
  at the same time, sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to said information processing apparatus.

15. A network unauthorized access preventing apparatus for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses in said network, said apparatus comprising:
- an authorization list storage unit which stores a physical address of an information processing apparatus which is authorized to access said network;
  
  a packet collection unit which collects all packets transmitted via said network in an indiscriminate reception mode;
  
  an access authorization determination unit which determines whether a physical address of a packet sender which is contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as said unauthorized apparatus in a case where the physical address is not registered; and
  
  a false packet sending unit which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after a correct response packet is sent to said unauthorized apparatus from said information processing apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address, wherein said false packet sending unit;
  
  sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus; and
  
  at the same time, sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all information processing apparatuses that exist in a same subnet as said information processing apparatus.

16. A network unauthorized access preventing apparatus for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses in said network, said apparatus comprising:
- an authorization list storage unit which stores a physical address of an information processing apparatus which is authorized to access said network;
  
  a packet collection unit which collects all packets transmitted via said network in an indiscriminate reception mode;
  
  an access authorization determination unit which determines whether a physical address of a packet sender which is contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as said unauthorized apparatus in a case where the physical address is not registered; and
  
  a false packet sending unit which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after a correct response packet is sent to said unauthorized apparatus from said information processing apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address, wherein said false packet sending unit;
  
  sets a predetermined designation time when said network unauthorized access preventing apparatus receives the request;
  
  in a case where the correct response packet is sent to said unauthorized apparatus from said information processing apparatus regardless of whether it is before or after the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus immediately after said network unauthorized access preventing apparatus receives the correct response packet;
  
  in a case where said network unauthorized access preventing apparatus does not receive the correct response packet before the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus when the designation time elapses; and
  
  at the same time, sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all information processing apparatuses that exist in a same subnet as said information processing apparatus.

17. A network unauthorized access preventing apparatus for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses in said network, said apparatus comprising:
- an authorization list storage unit which stores a physical address of an information processing apparatus which is authorized to access said network;
  
  a packet collection unit which collects all packets transmitted via said network in an indiscriminate reception mode;
  
  an access authorization determination unit which determines whether a physical address of a packet sender which is contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as said unauthorized apparatus in a case where the physical address is not registered; and
  
  a false packet sending unit which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after a correct response packet is sent to said unauthorized apparatus from said information processing apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address,a relay apparatus list storage unit which stores a physical address of a relay apparatus connected to said network; and
  
  a network determination unit which determines whether said unauthorized apparatus attempts to access an information processing apparatus existing in said network or attempts to access an external information processing apparatus existing in an external network based on an IP address of an information processing apparatus which said unauthorized apparatus attempts to access which IP address is contained in the request, wherein in a case where said unauthorized apparatus attempts to access an external information processing unit existing in an external network, said false packet sending unit;
  
  sends a response packet containing a false physical address as a physical address of said relay apparatus to said unauthorized apparatus; and
  
  sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all relay apparatuses whose physical address is stored in said relay apparatus list storage unit.

18. A network unauthorized access preventing apparatus for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses in said network, said apparatus comprising:
- an authorization list storage unit which stores a physical address of an information processing apparatus which is authorized to access said network;
  
  a packet collection unit which collects all packets transmitted via said network in an indiscriminate reception mode;
  
  an access authorization determination unit which determines whether a physical address of a packet sender which is contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as said unauthorized apparatus in a case where the physical address is not registered; and
  
  a false packet sending unit which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after a correct response packet is sent to said unauthorized apparatus from said information processing apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address,a relay apparatus list storage unit which stores a physical address of a relay apparatus connected to said network; and
  
  a network determination unit which determines whether said unauthorized apparatus attempts to access an information processing apparatus existing in said network or attempts to access an external information processing apparatus existing in an external network based on an IP address of an information processing apparatus which said unauthorized apparatus attempts to access which IP address is contained in the request, wherein said false packet sending unit;
  
  sets a predetermined designation time when said network unauthorized access preventing apparatus receives the request;
  
  in a case where the correct response packet is sent to said unauthorized apparatus from said information processing apparatus regardless of whether it is before or after the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus immediately after said network unauthorized access preventing apparatus receives the correct response packet;
  
  in a case where said network unauthorized access preventing apparatus does not receive the correct response packet before the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus when the designation time elapses;
  
  in a case where said unauthorized apparatus attempts to access an external information processing apparatus existing in an external network, sends a response packet containing a false physical address as a physical address of said relay apparatus to said unauthorized apparatus; and
  
  at the same time sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all relay apparatuses whose physical address is stored in said relay apparatus list storage unit.

19. A network unauthorized access preventing apparatus for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses in said network, said apparatus comprising:
- an authorization list storage unit which stores a physical address of an information processing apparatus which is authorized to access said network;
  
  a packet collection unit which collects all packets transmitted via said network in an indiscriminate reception mode;
  
  an access authorization determination unit which determines whether a physical address of a packet sender which is contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as said unauthorized apparatus in a case where the physical address is not registered; and
  
  a false packet sending unit which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after a correct response packet is sent to said unauthorized apparatus from said information processing apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address,a relay apparatus list storage unit which stores a physical address of a relay apparatus which is connected to said network; and
  
  a network determination unit which determines whether said unauthorized apparatus attempts to access an information processing apparatus existing in said network or attempts to access an external information processing apparatus existing in an external network based on an IP address of an information processing apparatus which said unauthorized apparatus attempts to access which IP address is contained in the request, wherein in a case where said unauthorized apparatus attempts to access an external information processing apparatus existing in an external network, said false packet sending unit;
  
  sends a response packet containing a false physical address as a physical address of said relay apparatus to said unauthorized apparatus;
  
  sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all relay apparatuses whose physical address is stored in said relay apparatus list storage unit; and
  
  at the same time, sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to said information processing apparatus.

20. A network unauthorized access preventing apparatus for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information Processing apparatuses in said network, said apparatus comprising:
- an authorization list storage unit which stores a physical address of an information processing apparatus which is authorized to access said network;
  
  a packet collection unit which collects all packets transmitted via said network in an indiscriminate reception mode;
  
  an access authorization determination unit which determines whether a physical address of a packet sender which is contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as said unauthorized apparatus in a case where the physical address is not registered; and
  
  a false packet sending unit which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after a correct response packet is sent to said unauthorized apparatus from said information processing apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address,a relay apparatus list storage unit which stores a physical address of a relay apparatus connected to said network; and
  
  a network determination unit which determines whether said unauthorized apparatus attempts to access an information processing apparatus existing in said network or attempts to access an external information processing apparatus existing in an external network based on an IP address of an information processing apparatus which said unauthorized apparatus attempts to access which IP address is contained in the request, wherein in a case where said unauthorized apparatus attempts to access an external information processing apparatus existing in an external network, said false packet sending unit;
  
  sends a response packet containing a false physical address as a physical address of said relay apparatus to said unauthorized apparatus;
  
  sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all relay apparatuses whose physical address is stored in said relay apparatus list storage unit;
  
  and at the same time, sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all information processing apparatuses existing in a same subnet as said information processing apparatuses.

21. A network unauthorized access preventing apparatus for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses in said network, said apparatus comprising:
- an authorization list storage unit which stores a physical address of an information processing apparatus which is authorized to access said network;
  
  a packet collection unit which collects all packets transmitted via said network in an indiscriminate reception mode;
  
  an access authorization determination unit which determines whether a physical address of a packet sender which is contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as said unauthorized apparatus in a case where the physical address is not registered; and
  
  a false packet sending unit which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after a correct response packet is sent to said unauthorized apparatus from said information Processing apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address,a relay apparatus list storage unit which stores a physical address of a relay apparatus connected to said network; and
  
  a network determination unit which determines whether said unauthorized apparatus attempts to access an information processing apparatus existing in said network or attempts to access an external information processing apparatus existing in an external network based on an IP address of an information processing apparatus which said unauthorized apparatus attempts to access which IP address is contained in the request, wherein said false packet sending unit;
  
  sets a predetermined designation time when said network unauthorized access preventing apparatus receives the request;
  
  in a case where the correct response packet is sent to said unauthorized apparatus from said information processing apparatus regardless of whether it is before or after the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus immediately after said network unauthorized access preventing apparatus receives the correct response packet;
  
  in a case where said network unauthorized access preventing apparatus does not receive the correct response packet before the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus when the designation time elapses;
  
  in a case where said unauthorized apparatus attempts to access an external information processing apparatus existing in an external network, sends a response packet containing a false physical address as a physical address of said relay apparatus to said unauthorized apparatus;
  
  at the same time, sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all relay apparatuses whose physical address is stored in said relay apparatus list storage unit;
  
  sets a predetermined designation time when said network unauthorized access preventing apparatus receives the request;
  
  in a case where the correct response packet is sent to said unauthorized apparatus from said information processing apparatus regardless of whether it is before or after the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus immediately after said network unauthorized access preventing apparatus receives the correct response packet;
  
  in a case where said network unauthorized access preventing apparatus does not receive the correct response packet before the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus when the designation time elapses; and
  
  at the same time, sends a responses packet containing a false physical address as a physical address of said unauthorized apparatus to said information processing apparatus.

22. A network unauthorized access preventing apparatus for preventing an unauthorized apparatus, which is not authorized to access a network, from accessing one or more information processing apparatuses in said network, said apparatus comprising:
- an authorization list storage unit which stores a physical address of an information processing apparatus which is authorized to access said network;
  
  a packet collection unit which collects all packets transmitted via said network in an indiscriminate reception mode;
  
  an access authorization determination unit which determines whether a physical address of a packet sender which is contained in a collected packet is registered in said authorization list storage unit, and detects the packet sender of this packet as said unauthorized apparatus in a case where the physical address is not registered; and
  
  a false packet sending unit which sends a response packet containing a false physical address as a physical address of said information processing apparatus to said unauthorized apparatus, after a correct response packet is sent to said unauthorized apparatus from said information processing apparatus in response to a request which is broadcast from said unauthorized apparatus for knowing a physical address,a relay apparatus list storage unit which stores a physical address of a relay apparatus connected to said network; and
  
  a network determination unit which determines whether said unauthorized apparatus attempts to access an information processing apparatus existing in said network or attempts to access an external information processing apparatus existing in an external network based on an IP address of an information processing apparatus which said unauthorized apparatus attempts to access which IP address is contained in the request, wherein in a case where said unauthorized apparatus attempts to access an external information processing apparatus existing in an external network, said false packet sending unit;
  
  sends a response packet containing a false physical address as a physical address of said relay apparatus to said unauthorized apparatus; and
  
  at the same time, sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all relay apparatuses whose physical address is stored in said relay apparatus list storage unit, and said false packet sending unit;
  
  sets a predetermined designation time when said network unauthorized access preventing apparatus receives the request;
  
  in a case where the correct response packet is sent to said unauthorized apparatus from said information processing apparatus regardless of whether it is before or after the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus immediately after said network unauthorized access preventing apparatus receives the correct response packet;
  
  in a case where said network unauthorized access preventing apparatus does not receive the correct response packet before the designation time elapses, sends the response packet containing the false physical address to said unauthorized apparatus when the designation time elapses; and
  
  at the same time, sends a response packet containing a false physical address as a physical address of said unauthorized apparatus to all information processing apparatuses that exist in a same subnet as said information processing apparatus.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NEC Corporation
Original Assignee
NEC Corporation
Inventors
Makino, Tatsuya, Hasei, Shinji, Uotani, Miho, Seki, Yoshinaga
Primary Examiner(s)
CERVETTI, DAVID GARCIA

Application Number

US10/927,128
Publication Number

US 20050050365A1
Time in Patent Office

1,761 Days
Field of Search

726/4, 726/13, 726/23
US Class Current

726/23
CPC Class Codes

H04L 63/101   Access control lists [ACL]

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1441   Countermeasures against mal...

H04L 63/1466   Active attacks involving in...

Network unauthorized access preventing system and network unauthorized access preventing apparatus

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

54 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Network unauthorized access preventing system and network unauthorized access preventing apparatus

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

54 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links