公开(公告)号：US20060200862A1

公开(公告)日：2006-09-07

申请号：US11073317

申请日：2005-03-03

Applicant: Timothy Olson ,  Pauline Shuen ,  Ajit Sanzgiri ,  Nancy Winget ,  Pejman Roshan

Inventor： Timothy Olson ,  Pauline Shuen ,  Ajit Sanzgiri ,  Nancy Winget ,  Pejman Roshan

IPC: G06F12/14

CPC classification number: H04W12/12 ,  H04L63/1433 ,  H04L63/1441 ,  H04L63/1466 ,  H04W48/08 ,  H04W48/16 ,  H04W88/08

Abstract: Methods and apparatus are disclosed for locating and disabling the switch port of a rogue wireless access point. In one embodiment, a network management device is configured to detect the presence of a rogue access point on a managed wireless network. Once detected, the management device may then instruct a special client, such as a scanning AP, to associate with the rogue access point and send a discovery packet through the rogue access point to network management device. The network management device upon receiving the discovery packet may thereby determine that the rogue access point is connected to a network managed by said network device. The network device may then utilize information contained in the discovery packet to locate the switch port to which the rogue access point is connected, and ultimately disable the switch port to which the rogue access point is connected.

Abstract translation: 公开了用于定位和禁用流氓无线接入点的交换机端口的方法和装置。 在一个实施例中，网络管理设备被配置为检测被管理无线网络上的恶意接入点的存在。 一旦检测到，管理设备然后可以指示诸如扫描AP的特殊客户端与流氓接入点关联，并通过流氓接入点将发现分组发送到网络管理设备。 因此，网络管理装置在接收到发现分组时可以确定恶意接入点连接到由所述网络设备管理的网络。 然后，网络设备可以利用包含在发现分组中的信息来定位与恶意接入点连接的交换机端口，并且最终禁用与恶意接入点连接的交换机端口。

公开(公告)号：US20060075131A1

公开(公告)日：2006-04-06

申请号：US11286086

申请日：2005-11-22

Applicant: Bretton Douglas ,  Timothy Olson ,  David Halasz ,  John Deng ,  Arnold Bilstad ,  Sheausong Yang ,  Richard Rebo ,  Jonathan Leary ,  Daryl Kaiser

Inventor： Bretton Douglas ,  Timothy Olson ,  David Halasz ,  John Deng ,  Arnold Bilstad ,  Sheausong Yang ,  Richard Rebo ,  Jonathan Leary ,  Daryl Kaiser

IPC: G06F15/16

CPC classification number: H04W64/00 ,  G01S5/0252 ,  H04W48/08 ,  H04W48/16 ,  H04W80/00

Abstract: Determining the location of a radio tag or client station of a wireless network, and the location of coverage holes by receiving from a plurality of wireless stations of the wireless network path loss information of the path loss of one or more location frames received at the respective wireless stations. The location frames transmitted by the radio tag or client station having a pre-defined frame structure. The radio tags and client stations use a common infrastructure for transmitting a location frame configured for radiolocation by path loss measurement. The common infrastructure includes a pre-defined protocol common for both radio tags and client stations for transmitting information for reception by the plurality of stations of the wireless network for radiolocation. The pre-defined protocol includes using the location frame having the pre-defined frame structure.

Abstract translation: 确定无线网络的无线电标签或客户站的位置，以及通过从多个无线站接收无线网络路径损失信息来确定无线网络的无线电标签或客户站的位置，以及在各个无线站点处接收到的一个或多个位置帧的路径损耗 无线电台。 由具有预定义帧结构的无线电标签或客户站发送的位置帧。 无线电标签和客户端站使用通用基础设施来发送通过路径损耗测量配置无线电定位的位置帧。 公共基础设施包括用于无线电标签和客户端站的公共的预定义协议，用于发送用于由用于无线电定位的无线网络的多个站点接收的信息。 预定义的协议包括使用具有预定义帧结构的位置帧。

公开(公告)号：US20060046737A1

公开(公告)日：2006-03-02

申请号：US10933102

申请日：2004-09-02

Applicant: Bretton Douglas ,  Timothy Olson

Inventor： Bretton Douglas ,  Timothy Olson

IPC: H04Q7/20

CPC classification number: H04W16/18

Abstract: A search algorithm to find a globally optimal radio plan for a wireless network, including assignments of frequency and transmission power to multiple access points. Two different evaluation metrics are used in order to provide an optimal solution in a reasonable time period. Frequency searches are performed using a special rapid evaluation metric. Transmission powers are selected using a more refined metric that estimates data throughput. The search results are deterministic and execution time is also substantially deterministic.

公开(公告)号：US20050171720A1

公开(公告)日：2005-08-04

申请号：US10766174

申请日：2004-01-28

Applicant: Timothy Olson ,  Daryl Kaiser ,  Pejman Roshan

Inventor： Timothy Olson ,  Daryl Kaiser ,  Pejman Roshan

IPC: H04L12/28 ,  H04L29/06 ,  H04W12/12 ,  G06F19/00

CPC classification number: H04L63/1433 ,  H04W12/12

Abstract: A method, an apparatus, and a software program to implement a method to detect a rogue access point of a wireless network. The method includes maintaining an AP database that includes information about managed access point (APs) and friendly APs, including the MAC address of each managed AP. The method further includes sending a scan request to one or more managed APs, including one or more of a request for the receiving managed AP to scan for beacons and probe responses and a request for the receiving managed AP to request its clients to scan for beacons and probe responses. The method further includes receiving reports from at least one of the receiving managed APs, a report including information on any beacon or probe response received that was sent by an AP. For each beacon or probe response on which information is received, the method analyzes the information received in the report about the AP that sent the beacon or probe response, the analyzing including ascertaining if the MAC address of the AP that sent the beacon or probe response matches a MAC address of an AP in the AP database to ascertain whether or not the AP is a potential rogue AP or a managed or friendly AP.

Abstract translation: 一种用于实现检测无线网络的恶意接入点的方法的方法，装置和软件程序。 该方法包括维护AP数据库，该AP数据库包括有关受管接入点（AP）和友好AP的信息，包括每个被管理AP的MAC地址。 该方法还包括向一个或多个受管理的AP发送扫描请求，包括对接收被管理的AP扫描信标和探测响应的请求中的一个或多个，以及对接收被管理的AP请求其客户端扫描信标的请求 并探测反应。 所述方法还包括从所述接收管理AP中的至少一个接收报告，报告包括由AP发送的所接收的任何信标或探测响应的信息。 对于接收到哪个信息的每个信标或探测响应，该方法分析报告中收到的关于发送信标或探测响应的AP的信息，该分析包括确定发送信标或探测响应的AP的MAC地址 匹配AP数据库中的AP的MAC地址，以确定AP是否是潜在的流氓AP或被管理或友好的AP。

公开(公告)号：US20050141498A1

公开(公告)日：2005-06-30

申请号：US11029987

申请日：2005-01-05

Applicant: Nancy Cam Winget ,  Mark Krischer ,  Timothy Olson ,  Pauline Shuen ,  Ajit Sanzgiri ,  Sheausong Yang

Inventor： Nancy Cam Winget ,  Mark Krischer ,  Timothy Olson ,  Pauline Shuen ,  Ajit Sanzgiri ,  Sheausong Yang

IPC: H04L12/24 ,  H04L12/28 ,  H04L12/56 ,  H04L29/06

CPC classification number: H04W12/04 ,  H04L41/00 ,  H04L63/062 ,  H04L63/08 ,  H04L63/083 ,  H04L63/123 ,  H04L63/126 ,  H04L63/1408 ,  H04W12/10 ,  H04W12/12 ,  H04W84/12 ,  H04W88/08

Abstract: A detection-based defense to a wireless network. Elements of the infrastructure, e.g., access points or scanning-only access points, detect intruders by detecting spoofed frames, such as from rogue access points. Access points include a signature, such as a message integrity check, with their management frames in a manner that enables neighboring access points to be able to validate the management frames, and to detect spoofed frames. When a neighboring access point receives a management frame, obtains a key for the access point sending the frame, and validates the management frame using the key.

Abstract translation: 基于检测的无线网络防御。 基础设施的元件，例如接入点或仅扫描接入点，通过检测欺骗性帧（例如来自恶意访问点）来检测入侵者。 接入点包括诸如消息完整性检查之类的签名，以及其管理帧的方式使得邻近接入点能够验证管理帧，并且检测被欺骗的帧。 当相邻接入点接收到管理帧时，获取发送帧的接入点的密钥，并使用密钥验证管理帧。