System and method for detecting unauthorized wireless access points

US 7,965,842 B2
Filed: 06/28/2002
Issued: 06/21/2011
Est. Priority Date: 06/28/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A system for detecting unauthorized access points on a network, comprising:

a database of authorized access points; and

a server in a wired network configured to receive access point identification information from a wireless device, the serving being further configured to;

(1) query the database to determine whether the access point identification information corresponds to an authorized access point;

(2)(a) if an access point is found to be unauthorized, determine whether the access point is connected to the wired network by querying a MAC-address-to-vendor information table to determine whether the access point supports the Reverse Address Resolution Protocol and, if supported, issuing a Reverse Address Resolution Protocol request, wherein if the access point responds, the server assumes the access point is connected to the wired network;

or(2)(b) if an access point is found to be unauthorized, determine whether the access point is connected to the wired network by querying interface tables of one or more switches on the network, wherein if the address of the access point is present, the server assumes the access point is connected to the wired network;

(3) if the unauthorized access point is found not to be connected to the wired network, update a table comprising information of known access points that are not connected to the wired network; and

(4) if the unauthorized access point is found to be connected, disable communications between the network and the unauthorized access point.

View all claims

28 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Unauthorized wireless access points are detected by configuring authorized access points and mobile units to listen to all wireless traffic in its cell and report all detected wireless devices to a monitor. The monitor checks the reported devices against a list of authorized network devices. If the reported wireless device is not an authorized device, the monitor determines if the reported device is connected to the network. If the reported device is connected to the network and is not an authorized device, the monitor alerts the network operator or network manager of a rogue device connected to the network and attempts to locate and isolate the rogue device.

338 Citations

3 Claims

1. A system for detecting unauthorized access points on a network, comprising:
- a database of authorized access points; and
  
  a server in a wired network configured to receive access point identification information from a wireless device, the serving being further configured to;
  
  (1) query the database to determine whether the access point identification information corresponds to an authorized access point;
  
  (2)(a) if an access point is found to be unauthorized, determine whether the access point is connected to the wired network by querying a MAC-address-to-vendor information table to determine whether the access point supports the Reverse Address Resolution Protocol and, if supported, issuing a Reverse Address Resolution Protocol request, wherein if the access point responds, the server assumes the access point is connected to the wired network;
  
  or(2)(b) if an access point is found to be unauthorized, determine whether the access point is connected to the wired network by querying interface tables of one or more switches on the network, wherein if the address of the access point is present, the server assumes the access point is connected to the wired network;
  
  (3) if the unauthorized access point is found not to be connected to the wired network, update a table comprising information of known access points that are not connected to the wired network; and
  
  (4) if the unauthorized access point is found to be connected, disable communications between the network and the unauthorized access point.
- View Dependent Claims (2, 3)
- - 2. The system of claim 1, wherein the wireless device comprises an access point.
  - 3. The system of claim 1, wherein the wireless device comprises a mobile wireless unit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ivanti, Inc. (Ivanti Software, Inc.)
Original Assignee
Wavelink Corporation (Ivanti Software, Inc.)
Inventors
Whelan, Robert, Morris, Roy, Van Wagenen, Lamar
Primary Examiner(s)
GEE, JASON KAI YIN

Application Number

US10/184,750
Publication Number

US 20040003285A1
Time in Patent Office

3,280 Days
Field of Search

713/201, 713/153, 713/150, 370/338, 370/401, 455/410, 380/247, 726/2
US Class Current

380/247
CPC Class Codes

H04L 63/1408   by monitoring network traff...

H04L 63/1466   Active attacks involving in...

H04W 12/122   Counter-measures against at...

H04W 88/08   Access point devices

System and method for detecting unauthorized wireless access points

First Claim

28 Assignments

0 Petitions

Accused Products

Abstract

338 Citations

3 Claims

Specification

Use Cases

Quick Links

Others

System and method for detecting unauthorized wireless access points

First Claim

28 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

338 Citations

3 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others