Method for detecting unauthorized network access by having a NIC monitor for packets purporting to be from itself
    2.
    Type: Granted patent
    Status: Active

    Publication number: US06745333B1

    Publication date: 2004-06-01

    Application number: US10062871

    Application date: 2002-01-31

    Inventor: Brant D. Thomsen

    Abstract: A method is described for a NIC to ascertain the presence of spoofing activity and thus detect unauthorized network access. The NIC monitors for packets purporting to be from itself. In one embodiment, a NIC views packets trafficking on its network and monitors for packets having its own MAC address, but which it did not send. In another embodiment, the NIC monitors for packets having its own IP address, but which it did not send. These falsely purportive packets originate not from the observant NIC, but suspiciously from elsewhere. Such suspect originating entities may be rogue entities attempting to gain unauthorized network access. These embodiments detect unauthorized access to a network by ascertaining the presence of spoofing activity in a manner that does not require gross revamping of network architecture or the burdening of network accessibility by legitimate authorized entities.


    Methods of determining whether a network interface card entry within the system registry pertains to physical hardware or to a virtual device
    3.
    Type: Granted patent
    Status: Expired

    Publication number: US06675308B1

    Publication date: 2004-01-06

    Application number: US09568862

    Application date: 2000-05-09

    Inventor: Brant D. Thomsen

    CPC classification number: H04L43/0817 H04L41/0803 H04L41/22

    Abstract: Methods of determining whether a network interface card entry within the system registry of a Windows™-based operating system pertains to “real” physical hardware or to a “virtual” device. In one embodiment of the present invention, the method includes the steps of: (1) opening the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Class\Net key entry of the system registry; (2) examining each of the sub-keys for the “Net” key, and finding one with a “DriverDesc” string value matching a NIC; (3) opening the “Ndi” key under the matching sub-key; (4) getting the “DeviceID” string value under the “Ndi” key; and (5) searching the “DeviceID” string for a backslash “\” character. If the backslash character is found, then it can be concluded that the network interface card entry is associated with “real” physical hardware. Otherwise, it can be concluded that the network interface card entry is associated with a “virtual” device. In one particular embodiment, the present invention is implemented as part of network configuration software or network monitoring software and allows users or system administrators to more easily monitor and modify the settings for network interface cards installed on a computer system running on Windows 95® or Windows 98® operating systems.


    METHOD FOR ESTABLISHING A SECURE AD HOC WIRELESS LAN
    4.
    Type: Patent application
    Status: Active

    Publication number: US20100100738A1

    Publication date: 2010-04-22

    Application number: US12642942

    Application date: 2009-12-21

    Abstract: Secure communications on a network. An unauthenticated client on a network sends start packets to locate other clients. The unauthenticated client receives responses to the start packets from other clients on the network. The responses may be advertise packets that are from advertising clients that may be authenticated clients or other unauthenticated clients in authenticated mode. The unauthenticated client prioritizes the received packets so that authentication can be performed with the most desirable advertising client. Authentication packets are sent and received between the unauthenticated client and the advertising client in an attempt to authenticate.


    Method for establishing a secure Ad Hoc wireless LAN
    5.
    Type: Granted patent
    Status: Active

    Publication number: US07660990B1

    Publication date: 2010-02-09

    Application number: US10832698

    Application date: 2004-04-27

    Abstract: Secure communications on a network. An unauthenticated client on a network sends start packets to locate other clients. The unauthenticated client receives responses to the start packets from other clients on the network. The responses may be advertise packets that are from advertising clients that may be authenticated clients or other unauthenticated clients in authenticated mode. The unauthenticated client prioritizes the received packets so that authentication can be performed with the most desirable advertising client. Authentication packets are sent and received between the unauthenticated client and the advertising client in an attempt to authenticate.


    Method for establishing a secure ad hoc wireless LAN
    6.
    Type: Granted patent
    Status: Active

    Publication number: US08321676B2

    Publication date: 2012-11-27

    Application number: US12642942

    Application date: 2009-12-21

    Abstract: Secure communications on a network. An unauthenticated client on a network sends start packets to locate other clients. The unauthenticated client receives responses to the start packets from other clients on the network. The responses may be advertise packets that are from advertising clients that may be authenticated clients or other unauthenticated clients in authenticated mode. The unauthenticated client prioritizes the received packets so that authentication can be performed with the most desirable advertising client. Authentication packets are sent and received between the unauthenticated client and the advertising client in an attempt to authenticate.


    Method for managing network access
    7.
    Type: Granted patent
    Status: Active

    Publication number: US07194004B1

    Publication date: 2007-03-20

    Application number: US10060112

    Application date: 2002-01-28

    Inventor: Brant D. Thomsen

    CPC classification number: H04L63/101 H04L63/08

    Abstract: A method for providing security in a computing network. A device connects to a network and authenticates itself with a server. Next, the server adds the IP address of the device to a list of trusted devices. The server broadcasts the trusted IP address to all devices in the network with which the newly authenticated device is allowed to communicate. The devices in the network add the trusted IP address to a list of trusted addresses stored on each device. The server may also transmit its stored list to the newly authenticated device. After a device has received a packet, it determines if the IP address associated with the packet is on its trusted list. If it is, the device processes the packet. If the IP address is not found on the safe list, the device queries the authentication server to determine if the IP address is safe.


    Method of detecting TCP/IP bindings of installed network interface cards present in a computer system
    8.
    Type: Granted patent
    Status: Expired

    Publication number: US06675234B1

    Publication date: 2004-01-06

    Application number: US09734796

    Application date: 2000-12-11

    Inventor: Brant D. Thomsen

    Abstract: The present invention provides a method for detecting TCP/IP (Transmission Control Protocol/Internet Protocol) bindings for Network Interface Cards (NICs) installed on Windows 95™ and Windows 98™ operating systems with a VPN (Virtual Private Network) client present. More particularly, the present invention provides a method for parsing the Windows™ system registry to detect TCP/IP bindings for network interface cards installed within a host computer system. In one embodiment, a function for detecting TCP/IP bindings of one network interface card is implemented and repeated for all keys of the registry of a computer software for detecting the TCP/IP bindings for network interface cards installed on the host computer system.


    Method of detecting TCP/IP bindings of installed network interface cards present in a computer system
    9.
    Type: Granted patent
    Status: Expired

    Publication number: US06529965B1

    Publication date: 2003-03-04

    Application number: US09568098

    Application date: 2000-05-09

    Abstract: A method for detecting TCP/IP (Transmission Control Protocol/Internet Protocol) bindings for Network Interface Cards (NICs) installed on Windows 95® and Windows 98® operating systems with a VPN (Virtual Private Network) client present. The present invention provides a method for parsing the Windows™ system registry to detect TCP/IP bindings for network interface cards installed within a host computer system. In one embodiment, a DriverCheck function and a HardwareCheck function are implemented as parts of computer software for detecting the TCP/IP bindings for network interface cards installed on the host computer system.

