公开(公告)号：US20090013073A1

公开(公告)日：2009-01-08

申请号：US12207502

申请日：2008-09-10

申请人： Hemant Chaskar ,  Murthy Jonnalagadda ,  Sharad Mittal ,  Pravin Bhagwat

发明人： Hemant Chaskar ,  Murthy Jonnalagadda ,  Sharad Mittal ,  Pravin Bhagwat

IPC分类号： G06F15/173 ,  H04Q7/24

CPC分类号： H04W8/005

摘要： A system and method is provided for detecting wireless access devices coupled to local area network of computers. The method includes coupling a sniffer device to a local area network. The method includes transferring one or more packets to be directed to a selected device over the local area network. The selected device is preferably coupled to the local area network. The method includes intercepting the one or more packets to be directed to the selected device at the sniffer device. Moreover, the method includes deriving information from the intercepted one or more packets using the sniffer device. The method can generate one or more marker packets in a selected format using the sniffer device. The marker packets are provided based upon at least a portion of the information derived from the intercepted packets. The method includes transferring the one or more marker packets from the sniffer device over the local area network to the selected device and monitoring an airspace within a vicinity of the selected device using one or more sniffer devices

摘要翻译： 提供了一种用于检测耦合到计算机的局域网的无线接入设备的系统和方法。 该方法包括将嗅探器设备耦合到局域网。 该方法包括通过局域网传送要被定向到所选择的设备的一个或多个分组。 所选择的设备优选地耦合到局域网。 该方法包括在嗅探器设备处拦截要被引导到所选择的设备的一个或多个分组。 此外，该方法包括使用嗅探装置从拦截的一个或多个分组中导出信息。 该方法可以使用嗅探器设备生成所选格式的一个或多个标记分组。 基于从截获的分组导出的信息的至少一部分来提供标记分组。 该方法包括将来自嗅探装置的一个或多个标记分组经由局域网转移到所选择的装置，并使用一个或多个嗅探装置监视所选装置附近的空域

公开(公告)号：US20050195753A1

公开(公告)日：2005-09-08

申请号：US11026960

申请日：2004-12-29

申请人： Hemant Chaskar ,  Murthy Jonnalagadda ,  Sharad Mittal ,  Pravin Bhagwat

发明人： Hemant Chaskar ,  Murthy Jonnalagadda ,  Sharad Mittal ,  Pravin Bhagwat

IPC分类号： H04J3/16 ,  H04J3/22 ,  H04L12/28 ,  H04W8/00 ,  H04Q7/24

CPC分类号： H04W8/005

摘要： A system and method is provided for detecting wireless access devices coupled to local area network of computers. The method includes coupling a sniffer device to a local area network. The method includes transferring one or more packets to be directed to a selected device over the local area network. The selected device is preferably coupled to the local area network. The method includes intercepting the one or more packets to be directed to the selected device at the sniffer device. Moreover, the method includes deriving information from the intercepted one or more packets using the sniffer device. The method can generate one or more marker packets in a selected format using the sniffer device. The marker packets are provided based upon at least a portion of the information derived from the intercepted packets. The method includes transferring the one or more marker packets from the sniffer device over the local area network to the selected device and monitoring an airspace within a vicinity of the selected device using one or more sniffer devices

摘要翻译： 提供了一种用于检测耦合到计算机的局域网的无线接入设备的系统和方法。 该方法包括将嗅探器设备耦合到局域网。 该方法包括通过局域网传送要被定向到所选择的设备的一个或多个分组。 所选择的设备优选地耦合到局域网。 该方法包括在嗅探器设备处拦截要被引导到所选择的设备的一个或多个分组。 此外，该方法包括使用嗅探装置从拦截的一个或多个分组中导出信息。 该方法可以使用嗅探器设备生成所选格式的一个或多个标记分组。 基于从截获的分组导出的信息的至少一部分来提供标记分组。 该方法包括将来自嗅探装置的一个或多个标记分组经由局域网转移到所选择的装置，并使用一个或多个嗅探装置监视所选装置附近的空域

公开(公告)号：US07751393B2

公开(公告)日：2010-07-06

申请号：US12207502

申请日：2008-09-10

申请人： Hemant Chaskar ,  Murthy Jonnalagadda ,  Sharad Mittal ,  Pravin Bhagwat

发明人： Hemant Chaskar ,  Murthy Jonnalagadda ,  Sharad Mittal ,  Pravin Bhagwat

IPC分类号： H04L12/28

CPC分类号： H04W8/005

摘要： A system and method is provided for detecting wireless access devices coupled to local area network of computers. The method includes coupling a sniffer device to a local area network. The method includes transferring one or more packets to be directed to a selected device over the local area network. The selected device is preferably coupled to the local area network. The method includes intercepting the one or more packets to be directed to the selected device at the sniffer device. Moreover, the method includes deriving information from the intercepted one or more packets using the sniffer device. The method can generate one or more marker packets in a selected format using the sniffer device. The marker packets are provided based upon at least a portion of the information derived from the intercepted packets. The method includes transferring the one or more marker packets from the sniffer device over the local area network to the selected device and monitoring an airspace within a vicinity of the selected device using one or more sniffer devices.

摘要翻译： 提供了一种用于检测耦合到计算机的局域网的无线接入设备的系统和方法。 该方法包括将嗅探器设备耦合到局域网。 该方法包括通过局域网传送要被定向到所选择的设备的一个或多个分组。 所选择的设备优选地耦合到局域网。 该方法包括在嗅探器设备处拦截要被引导到所选择的设备的一个或多个分组。 此外，该方法包括使用嗅探装置从拦截的一个或多个分组中导出信息。 该方法可以使用嗅探器设备生成所选格式的一个或多个标记分组。 基于从截获的分组导出的信息的至少一部分来提供标记分组。 该方法包括将来自嗅探装置的一个或多个标记分组通过局域网转移到所选择的装置，并使用一个或多个嗅探装置监测所选装置附近的空域。

公开(公告)号：US07440434B2

公开(公告)日：2008-10-21

申请号：US11026960

申请日：2004-12-29

申请人： Hemant Chaskar ,  Murthy Jonnalagadda ,  Sharad Mittal ,  Pravin Bhagwat

发明人： Hemant Chaskar ,  Murthy Jonnalagadda ,  Sharad Mittal ,  Pravin Bhagwat

IPC分类号： H04L12/28

CPC分类号： H04W8/005

摘要： A system and method is provided for detecting wireless access devices coupled to local area network of computers. The method includes coupling a sniffer device to a local area network. The method includes transferring one or more packets to be directed to a selected device over the local area network. The selected device is preferably coupled to the local area network. The method includes intercepting the one or more packets to be directed to the selected device at the sniffer device. Moreover, the method includes deriving information from the intercepted one or more packets using the sniffer device. The method can generate one or more marker packets in a selected format using the sniffer device. The marker packets are provided based upon at least a portion of the information derived from the intercepted packets. The method includes transferring the one or more marker packets from the sniffer device over the local area network to the selected device and monitoring an airspace within a vicinity of the selected device using one or more sniffer devices.

摘要翻译： 提供了一种用于检测耦合到计算机的局域网的无线接入设备的系统和方法。 该方法包括将嗅探器设备耦合到局域网。 该方法包括通过局域网传送要被定向到所选择的设备的一个或多个分组。 所选择的设备优选地耦合到局域网。 该方法包括在嗅探器设备处拦截要被引导到所选择的设备的一个或多个分组。 此外，该方法包括使用嗅探装置从拦截的一个或多个分组中导出信息。 该方法可以使用嗅探器设备生成所选格式的一个或多个标记分组。 基于从截获的分组导出的信息的至少一部分来提供标记分组。 该方法包括将来自嗅探装置的一个或多个标记分组通过局域网转移到所选择的装置，并使用一个或多个嗅探装置监测所选装置附近的空域。

公开(公告)号：US07804808B2

公开(公告)日：2010-09-28

申请号：US11532811

申请日：2006-09-18

申请人： Pravin Bhagwat ,  Hemant Chaskar ,  David C. King ,  Jai Rawat

发明人： Pravin Bhagwat ,  Hemant Chaskar ,  David C. King ,  Jai Rawat

IPC分类号： H04W4/00

CPC分类号： H04W12/12 ,  H04K3/65 ,  H04K3/86 ,  H04K3/94 ,  H04K2203/18 ,  H04L29/12028 ,  H04L29/12367 ,  H04L41/28 ,  H04L61/103 ,  H04L61/2514 ,  H04L63/102 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1466 ,  H04W12/06 ,  H04W12/08

摘要： A method for monitoring a selected region of an airspace associated with local area networks of computing devices is provided. The method includes providing one or more segments of a legacy local area network to be protected in a selected geographic region. The legacy local area network is characterized by an unsecured airspace within the selected geographic region. The method includes determining a security policy associated with the one or more segments of the legacy local area network. The security policy at least characterizes a type of wireless activity in the unsecured airspace to be permitted, denied, or ignored. Additionally, the method includes connecting one or more sniffer devices into the legacy local area network. The one or more sniffer devices are spatially disposed within the selected geographic region to cause at least a portion of the unsecured airspace to be secured according to the security policy.

摘要翻译： 提供了一种用于监视与计算设备的局域网相关联的空域的选定区域的方法。 该方法包括提供要在所选择的地理区域中保护的传统局域网的一个或多个段。 遗留的局域网的特征在于所选地理区域内的无安全空域。 该方法包括确定与传统局域网的一个或多个段相关联的安全策略。 安全策略至少表征了无担保空域中允许，拒绝或忽略的一种无线活动。 此外，该方法包括将一个或多个嗅探器设备连接到传统局域网中。 一个或多个嗅探装置被空间地布置在所选择的地理区域内，以使至少一部分无担保空域根据安全策略得到固定。

公开(公告)号：US20070025313A1

公开(公告)日：2007-02-01

申请号：US11532811

申请日：2006-09-18

申请人： Pravin Bhagwat ,  Hemant Chaskar ,  David King ,  Jai Rawat

发明人： Pravin Bhagwat ,  Hemant Chaskar ,  David King ,  Jai Rawat

IPC分类号： H04Q7/24

CPC分类号： H04W12/12 ,  H04K3/65 ,  H04K3/86 ,  H04K3/94 ,  H04K2203/18 ,  H04L29/12028 ,  H04L29/12367 ,  H04L41/28 ,  H04L61/103 ,  H04L61/2514 ,  H04L63/102 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1466 ,  H04W12/06 ,  H04W12/08

摘要： A method for monitoring a selected region of an airspace associated with local area networks of computing devices is provided. The method includes providing one or more segments of a legacy local area network to be protected in a selected geographic region. The legacy local area network is characterized by an unsecured airspace within the selected geographic region. The method includes determining a security policy associated with the one or more segments of the legacy local area network. The security policy at least characterizes a type of wireless activity in the unsecured airspace to be permitted, denied, or ignored. Additionally, the method includes connecting one or more sniffer devices into the legacy local area network. The one or more sniffer devices are spatially disposed within the selected geographic region to cause at least a portion of the unsecured airspace to be secured according to the security policy. Moreover, the method includes coupling a security appliance to the legacy local area network. The method also includes determining if at least one of the sniffer devices is coupled to each of the one or more segments of the legacy local area network to be protected and determining if the one or more sniffer devices substantially covers the portion of the unsecured airspace to be secured The method additionally includes monitoring wireless activity in the airspace using the one or more sniffer devices, and automatically classifying, using a classification process, a portion of information associated with the monitoring of the wireless activity to at least determine if the wireless activity communicates to at least one of the one or more segments to be protected. Further, the method includes detecting a violation of the security policy based upon at least the classifying of the portion of the information from the monitoring of the wireless activity, and automatically processing an action associated with the violation in accordance to the security policy for the one or more segments in the legacy local area network to be protected

公开(公告)号：US20060070113A1

公开(公告)日：2006-03-30

申请号：US10970830

申请日：2004-10-20

申请人： Pravin Bhagwat ,  Hemant Chaskar ,  Gopinath Krishnamurthy

发明人： Pravin Bhagwat ,  Hemant Chaskar ,  Gopinath Krishnamurthy

IPC分类号： H04L9/32 ,  H04M3/16

CPC分类号： H04W4/021 ,  H04L63/08 ,  H04L63/1433 ,  H04W12/12

摘要： According to an embodiment of the present invention, security exposure analysis of wireless network within a selected local geographic area is provided. A computer model of the selected local geographic region comprising a layout is generated. Information regarding wireless network components is provided to the computer model. Using the computer model, signal intensity characteristics of at least one of the wireless network components are determined over at least a portion of the selected geographic region. Based at least on the signal intensity characteristics, security exposure information associated with the wireless network is determined. The security exposure information is graphically displayed on the computer screen in relation to the layout of the selected geographic region. The security exposure information includes sniffer detection and prevention coverage, access point vulnerability regions, and signal uncertainty and variability views.

摘要翻译： 根据本发明的实施例，提供了在所选择的本地地理区域内的无线网络的安全曝光分析。 生成包括布局的所选局部地理区域的计算机模型。 有关无线网络组件的信息被提供给计算机模型。 使用该计算机模型，在所选择的地理区域的至少一部分上确定至少一个无线网络组件的信号强度特性。 至少基于信号强度特性，确定与无线网络相关联的安全曝光信息。 相对于所选择的地理区域的布局，安全曝光信息以图形方式显示在计算机屏幕上。 安全曝光信息包括嗅探器检测和预防覆盖，接入点漏洞区域，信号不确定性和可变性视图。

公开(公告)号：US20060153153A1

公开(公告)日：2006-07-13

申请号：US11281133

申请日：2005-11-14

申请人： Pravin Bhagwat ,  Hemant Chaskar ,  David King ,  Jai Rawat

发明人： Pravin Bhagwat ,  Hemant Chaskar ,  David King ,  Jai Rawat

IPC分类号： H04Q7/24

CPC分类号： H04W12/12 ,  H04K3/65 ,  H04K3/86 ,  H04K3/94 ,  H04K2203/18 ,  H04L29/12028 ,  H04L29/12367 ,  H04L41/28 ,  H04L61/103 ,  H04L61/2514 ,  H04L63/102 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1466 ,  H04W12/06 ,  H04W12/08

摘要： A method for monitoring a selected region of an airspace associated with local area networks of computing devices is provided. The method includes providing one or more segments of a legacy local area network to be protected in a selected geographic region. The legacy local area network is characterized by an unsecured airspace within the selected geographic region. The method includes determining a security policy associated with the one or more segments of the legacy local area network. The security policy at least characterizes a type of wireless activity in the unsecured airspace to be permitted, denied, or ignored. Additionally, the method includes connecting one or more sniffer devices into the legacy local area network. The one or more sniffer devices are spatially disposed within the selected geographic region to cause at least a portion of the unsecured airspace to be secured according to the security policy. Moreover, the method includes coupling a security appliance to the legacy local area network. The method also includes determining if at least one of the sniffer devices is coupled to each of the one or more segments of the legacy local area network to be protected and determining if the one or more sniffer devices substantially covers the portion of the unsecured airspace to be secured. The method additionally includes monitoring wireless activity in the airspace using the one or more sniffer devices, and automatically classifying, using a classification process, a portion of information associated with the monitoring of the wireless activity to at least determine if the wireless activity communicates to at least one of the one or more segments to be protected. Further, the method includes detecting a violation of the security policy based upon at least the classifying of the portion of the information from the monitoring of the wireless activity, and automatically processing an action associated with the violation in accordance to the security policy for the one or more segments in the legacy local area network to be protected.

公开(公告)号：US07154874B2

公开(公告)日：2006-12-26

申请号：US11281133

申请日：2005-11-14

申请人： Pravin Bhagwat ,  Hemant Chaskar ,  David C. King ,  Jai Rawat

发明人： Pravin Bhagwat ,  Hemant Chaskar ,  David C. King ,  Jai Rawat

IPC分类号： H04Q7/24

CPC分类号： H04W12/12 ,  H04K3/65 ,  H04K3/86 ,  H04K3/94 ,  H04K2203/18 ,  H04L29/12028 ,  H04L29/12367 ,  H04L41/28 ,  H04L61/103 ,  H04L61/2514 ,  H04L63/102 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1466 ,  H04W12/06 ,  H04W12/08

摘要： A method for monitoring a selected region of an airspace associated with local area networks of computing devices is provided. The method includes providing one or more segments of a legacy local area network to be protected in a selected geographic region. The legacy local area network is characterized by an unsecured airspace within the selected geographic region. The method includes determining a security policy associated with the one or more segments of the legacy local area network. The security policy at least characterizes a type of wireless activity in the unsecured airspace to be permitted, denied, or ignored. Additionally, the method includes connecting one or more sniffer devices into the legacy local area network. The one or more sniffer devices are spatially disposed within the selected geographic region to cause at least a portion of the unsecured airspace to be secured according to the security policy. Moreover, the method includes coupling a security appliance to the legacy local area network. The method also includes determining if at least one of the sniffer devices is coupled to each of the one or more segments of the legacy local area network to be protected and determining if the one or more sniffer devices substantially covers the portion of the unsecured airspace to be secured. The method additionally includes monitoring wireless activity in the airspace using the one or more sniffer devices, and automatically classifying, using a classification process, a portion of information associated with the monitoring of the wireless activity to at least determine if the wireless activity communicates to at least one of the one or more segments to be protected. Further, the method includes detecting a violation of the security policy based upon at least the classifying of the portion of the information from the monitoring of the wireless activity, and automatically processing an action associated with the violation in accordance to the security policy for the one or more segments in the legacy local area network to be protected.

公开(公告)号：US20060058062A1

公开(公告)日：2006-03-16

申请号：US11055880

申请日：2005-02-11

申请人： Pravin Bhagwat ,  Hemant Chaskar ,  Gopinath Krishnamurthy

发明人： Pravin Bhagwat ,  Hemant Chaskar ,  Gopinath Krishnamurthy

IPC分类号： H04M1/00

CPC分类号： H04W12/12 ,  H04L63/1433

摘要： According to an embodiment of the present invention, security exposure analysis of wireless network within a selected local geographic area is provided. A computer model of the selected local geographic region comprising a layout is generated. Information regarding wireless network components is provided to the computer model. Using the computer model, signal intensity characteristics of at least one of the wireless network components are determined over at least a portion of the selected geographic region. Based at least on the signal intensity characteristics, security exposure information associated with the wireless network is determined. The security exposure information is graphically displayed on the computer screen in relation to the layout of the selected geographic region. The security exposure information includes sniffer detection and prevention coverage, access point vulnerability regions, and signal uncertainty and variability views.