Rogue router hunter
Abstract
A computer implemented method, data processing system, and computer program product for discovering an unauthorized router in a network. The process in the illustrative embodiments first obtains a physical address of a suspected router or destination device. A data packet is created which comprises at least a destination media access control field, a destination internet protocol field, and a time-to-live field, wherein the destination media access control field comprises the physical address of the destination device, wherein the destination internet protocol field comprises a bogus internet protocol address, and wherein the time-to-live field comprises a value indicating the data packet has exceeded a time limit. The data packet is sent to the destination device using the physical address in the destination media access control field. If a time exceeded message is received from the destination device, the destination device is determined to be enabled for routing.
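The probe described above can be laid out byte by byte. The following is an added example, not code from the patent: it builds the frame and classifies a reply. The function names, the ICMP echo payload, the TTL value of 1 (which a forwarding device decrements to zero) and all addresses are assumptions or constructed sample values.

```python
import struct

def csum(data: bytes) -> int:
    """RFC 1071 Internet checksum over an IPv4 header or ICMP message."""
    data += b"\x00" * (len(data) % 2)
    s = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def mac(s: str) -> bytes:
    return bytes.fromhex(s.replace(":", ""))
def ip(s: str) -> bytes:
    return bytes(int(o) for o in s.split("."))

def ipv4(src, dst, ttl, ident, payload):
    """IPv4 header (protocol 1 = ICMP) plus payload, checksum filled in."""
    h = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, 0,
                    ttl, 1, 0, ip(src), ip(dst))
    return h[:10] + struct.pack("!H", csum(h)) + h[12:] + payload

def icmp(typ, code, rest):
    m = struct.pack("!BBH", typ, code, 0) + rest
    return m[:2] + struct.pack("!H", csum(m)) + m[4:]

def build_probe(src_mac, src_ip, suspect_mac, bogus_ip, ident, ttl=1):
    """Frame addressed at layer 2 to the suspect, at layer 3 to a bogus IP."""
    echo = icmp(8, 0, struct.pack("!HH", ident, 1) + b"probe")  # assumed payload
    return (mac(suspect_mac) + mac(src_mac) + b"\x08\x00"
            + ipv4(src_ip, bogus_ip, ttl, ident, echo))

def is_router_reply(frame, suspect_mac, src_ip, bogus_ip, ident):
    """True only for an ICMP Time Exceeded sent by the suspect about our probe."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[6:12] != mac(suspect_mac):
        return False
    pkt = frame[14:]
    msg = pkt[(pkt[0] & 0x0F) * 4:]
    if pkt[9] != 1 or pkt[16:20] != ip(src_ip) or len(msg) < 28:
        return False
    quoted = msg[8:]  # header of the expired packet, echoed back by the sender
    return (msg[0], msg[1]) == (11, 0) and quoted[16:20] == ip(bogus_ip) \
        and quoted[4:6] == struct.pack("!H", ident)

# Constructed samples (documentation IP ranges, locally administered MACs);
# REPLY is the Time Exceeded (type 11, code 0) a forwarding device would return.
SRC_MAC, SUSPECT_MAC = "02:00:00:00:00:01", "02:00:00:00:00:77"
SRC_IP, SUSPECT_IP, BOGUS_IP, IDENT = "192.0.2.10", "192.0.2.77", "203.0.113.200", 0x5252
PROBE = build_probe(SRC_MAC, SRC_IP, SUSPECT_MAC, BOGUS_IP, IDENT)
REPLY = (mac(SRC_MAC) + mac(SUSPECT_MAC) + b"\x08\x00"
         + ipv4(SUSPECT_IP, SRC_IP, 64, 1, icmp(11, 0, bytes(4) + PROBE[14:42])))
```

Matching the quoted destination address and IP identification ties the reply to this specific probe, so an unrelated Time Exceeded message on the segment is not counted as a detection.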
18 Claims
1. A computer implemented method for detecting unauthorized routers in a distributed network, the computer implemented method comprising:
obtaining a physical address of a destination device;
creating, by a source device, a data packet comprising at least a destination media access control field, a destination internet protocol field, and a time-to-live field, wherein the destination media access control field comprises the physical address of the destination device, wherein the destination internet protocol field comprises a bogus internet protocol address to cause the destination device receiving the data packet to route the data packet if the destination device is configured for routing, and wherein the time-to-live field comprises a value indicating the data packet has already exceeded a time limit to cause the destination device receiving the data packet to return a time exceeded message to the source device;
sending the data packet to the destination device using the physical address in the destination media access control field; and
responsive to receiving the time exceeded message from the destination device, determining that the destination device is enabled for routing.
10. A data processing system for detecting unauthorized routers in a distributed network, the data processing system comprising:
a bus;
a storage device connected to the bus, wherein the storage device contains computer usable code;
at least one managed device connected to the bus;
a communications unit connected to the bus; and
a processing unit connected to the bus, wherein the processing unit executes the computer usable code to obtain a physical address of a destination device;
create a data packet comprising at least a destination media access control field, a destination internet protocol field, and a time-to-live field, wherein the destination media access control field comprises the physical address of the destination device, wherein the destination internet protocol field comprises a bogus internet protocol address to cause the destination device receiving the data packet to route the data packet if the destination device is configured for routing, and wherein the time-to-live field comprises a value indicating the data packet has already exceeded a time limit to cause the destination device receiving the data packet to return a time exceeded message to a source device;
send the data packet to the destination device using the physical address in the destination media access control field; and
determine that the destination device is enabled for routing in response to receiving the time exceeded message from the destination device.
11. A computer program product for detecting unauthorized routers in a distributed network, the computer program product comprising:
a non-transitory computer usable storage medium having computer usable program code stored thereon, the computer usable program code comprising;
computer usable program code for obtaining a physical address of a destination device;
computer usable program code for creating a data packet comprising at least a destination media access control field, a destination internet protocol field, and a time-to-live field, wherein the destination media access control field comprises the physical address of the destination device, wherein the destination internet protocol field comprises a bogus internet protocol address to cause the destination device receiving the data packet to route the data packet if the destination device is configured for routing, and wherein the time-to-live field comprises a value indicating the data packet has already exceeded a time limit to cause the destination device receiving the data packet to return a time exceeded message to a source device;
computer usable program code for sending the data packet to the destination device using the physical address in the destination media access control field; and
computer usable program code for determining that the destination device is enabled for routing in response to receiving the time exceeded message from the destination device.