Detection of hidden wireless routers
First Claim
1. A method for determining if unauthorized routing between a first network and a second network is occurring, comprising:
- deploying a first station in said first network;
deploying a test server in said second network connected to said first network through a secure access server;
transmitting from said first station a protocol data unit addressed to a second station in said first network, wherein said protocol data unit comprises a network layer source address of said second station, and an address of said test server;
triggering an alarm if said protocol data unit is received at said test server, wherein said alarm comprises said network layer source address of said second station; and
detecting at said test server that said network layer source address of said second station is identified as an unauthorized router.
22 Assignments
0 Petitions
Accused Products
Abstract
A technique is disclosed for detecting hidden wireless routers that constitute security threats in telecommunications networks that comprise a wireless network portion and a wireline network portion. In accordance with the illustrative embodiment of the invention, a test station is used in the wireless portion of a network to detect the presence of a hidden wireless router. Furthermore, in some embodiments, a test server is used in the wireline portion of the network in order to detect packets that are illegitimately routed from the wireless portion to the wireline portion of the network through the hidden wireless router.
-
Citations
3 Claims
-
1. A method for determining if unauthorized routing between a first network and a second network is occurring, comprising:
-
deploying a first station in said first network; deploying a test server in said second network connected to said first network through a secure access server; transmitting from said first station a protocol data unit addressed to a second station in said first network, wherein said protocol data unit comprises a network layer source address of said second station, and an address of said test server; triggering an alarm if said protocol data unit is received at said test server, wherein said alarm comprises said network layer source address of said second station; and detecting at said test server that said network layer source address of said second station is identified as an unauthorized router. - View Dependent Claims (2, 3)
-
Specification
-
- Resources
-
Current AssigneeAvaya Incorporated
-
Original AssigneeAvaya Incorporated
-
InventorsKrishnan, P, Ganu, Sachin Nandkumar, Krishnakumar, Anjur Sundaresan, Kappes, Martin, Fazal, Lookman
-
Primary Examiner(s)Chang, Jungwon
-
Application NumberUS10/757,676Publication NumberTime in Patent Office2,505 DaysField of Search709/245, 709/238, 709/249, 709/225, 726/11, 726/15, 726/23, 455/411US Class Current709/238CPC Class CodesH04L 41/06 Management of faults, event...H04L 41/12 Discovery or management of ...H04L 63/0272 Virtual private networksH04L 63/08 for authentication of entit...H04L 63/1408 by monitoring network traff...H04L 63/1433 Vulnerability analysisH04W 12/122 Counter-measures against at...
