Method and system for detecting wireless access devices operably coupled to computer local area networks and related methods

US 7,751,393 B2
Filed: 09/10/2008
Issued: 07/06/2010
Est. Priority Date: 02/11/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A system for monitoring wireless access to local area network of computers, the system comprising:

a wired communication interface for coupling the system to a wired portion of a local area network;

a wireless communication interface for coupling the system to a wireless medium;

a processor unit; and

a computer readable medium having stored thereon a first set of instructions for instructing the processor unit to;

intercept using the wired communication interface one or more packets on the wired portion of the local area network which are associated with a device coupled to the wired portion of the local area network;

determine from the intercepted one or more packets identity of a port on the device which is open from the wired portion side of the local area network;

generate one or more packets in a selected format and directed to the open port on the device;

transfer using the wired communication interface the generated one or more packets over the wired portion of the local area network to the device, the transferring being for testing whether the device outputs at least one packet from the transferred one or more packets to the wireless medium.detect using the wireless communication interface one or more packets transmitted in the wireless medium;

identify the selected format in at least one packet from the detected one or more packets; and

ascertain that the device provides wireless access to the wired portion of the local area network based at least upon the identifying of the selected format and identify unauthorized access to the wired portion of the local area network.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method is provided for detecting wireless access devices coupled to local area network of computers. The method includes coupling a sniffer device to a local area network. The method includes transferring one or more packets to be directed to a selected device over the local area network. The selected device is preferably coupled to the local area network. The method includes intercepting the one or more packets to be directed to the selected device at the sniffer device. Moreover, the method includes deriving information from the intercepted one or more packets using the sniffer device. The method can generate one or more marker packets in a selected format using the sniffer device. The marker packets are provided based upon at least a portion of the information derived from the intercepted packets. The method includes transferring the one or more marker packets from the sniffer device over the local area network to the selected device and monitoring an airspace within a vicinity of the selected device using one or more sniffer devices.

Citations

18 Claims

1. A system for monitoring wireless access to local area network of computers, the system comprising:
- a wired communication interface for coupling the system to a wired portion of a local area network;
  
  a wireless communication interface for coupling the system to a wireless medium;
  
  a processor unit; and
  
  a computer readable medium having stored thereon a first set of instructions for instructing the processor unit to;
  
  intercept using the wired communication interface one or more packets on the wired portion of the local area network which are associated with a device coupled to the wired portion of the local area network;
  
  determine from the intercepted one or more packets identity of a port on the device which is open from the wired portion side of the local area network;
  
  generate one or more packets in a selected format and directed to the open port on the device;
  
  transfer using the wired communication interface the generated one or more packets over the wired portion of the local area network to the device, the transferring being for testing whether the device outputs at least one packet from the transferred one or more packets to the wireless medium.detect using the wireless communication interface one or more packets transmitted in the wireless medium;
  
  identify the selected format in at least one packet from the detected one or more packets; and
  
  ascertain that the device provides wireless access to the wired portion of the local area network based at least upon the identifying of the selected format and identify unauthorized access to the wired portion of the local area network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The system of claim 1 wherein the wireless communication interface includes an IEEE 802.11 network interface.
  - 3. The system of claim 1 wherein the wired communication interface includes an Ethernet network interface.
  - 4. The system of claim 1 wherein the intercepted one or more packets includes a Transmission Control Protocol (TCP) packet.
  - 5. The system of claim 4 wherein the open port being a TCP port.
  - 6. The system of claim 1 wherein the intercepted one or more packets includes a User Datagram Protocol (UDP) packet.
  - 7. The system of claim 6 wherein the open port being a UDP port.
  - 8. The system of claim 1 wherein the selected format comprises a selected bit pattern in the generated one or more packets.
  - 9. The system of claim 1 wherein the selected format comprises a set of selected sizes associated with the generated one or more packets.
  - 10. The system of claim 1 wherein the selected format comprises a set of time instants associated with the generated one or more packets.

11. A method for monitoring wireless access to local area network of computers, the method comprising:
- positioning a wireless sniffer device within a selected geographic region within a vicinity of one or more connection ports of a local area network of computers, the one or more connection ports being usable for wiredly connecting one or more devices to the wired portion of the local area network;
  
  intercepting one or more packets on the wired portion of the local area network, the one or more packets being associated with a device connected to the wired portion of the local area network using at least one of the one or more connection ports;
  
  determining from the intercepted one or more packets identity of a protocol port on the device which is open from the wired portion side of the local area network;
  
  generating one or more packets in a selected format and directed to the protocol port on the device which is determined to be open from the wired portion side of the local area network;
  
  transferring the generated one or more packets over the wired portion of the local area network to the device, the transferring being for testing whether the device outputs at least one packet from the transferred one or more packets to the wireless medium;
  
  detecting using the wireless sniffer device one or more packets transmitted in the wireless medium;
  
  identifying the selected format in at least one of the detected one or more packets; and
  
  ascertaining that the device provides wireless access to the wired portion of the local area network based at least upon the identifying of the selected format and identify unauthorized access to the wired portion of the local area network.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The method of claim 11 wherein the intercepted one or more packets includes a Transmission Control Protocol (TCP) packet.
  - 13. The method of claim 12 wherein the protocol port being a TCP port.
  - 14. The method of claim 11 wherein the intercepted one or more packets includes a User Datagram Protocol (UDP) packet.
  - 15. The method of claim 14 wherein the protocol port being a UDP port.
  - 16. The method of claim 11 wherein the selected format comprises a selected bit pattern in the generated one or more packets.
  - 17. The method of claim 11 wherein the selected format comprises a set of selected sizes associated with the generated one or more packets.
  - 18. The method of claim 11 wherein the selected format comprises a set of time instants associated with the generated one or more packets.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Arista Networks, Inc.
Original Assignee
Airtight Networks Incorporated (Arista Networks, Inc.)
Inventors
Mittal, Sharad, Chaskar, Hemant, Jonnalagadda, Murthy, Bhagwat, Pravin
Primary Examiner(s)
Wilson; Robert W

Application Number

US12/207,502
Publication Number

US 20090013073A1
Time in Patent Office

664 Days
Field of Search

None
US Class Current

370/389
CPC Class Codes

H04W 12/122 Counter-measures against at...

H04W 8/005 Discovery of network device...

Method and system for detecting wireless access devices operably coupled to computer local area networks and related methods

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for detecting wireless access devices operably coupled to computer local area networks and related methods

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links