Telecommunications – Radiotelephone system – Zoned or cellular telephone system
Reexamination Certificate
2002-03-01
2004-06-22
Maung, Nay (Department: 2684)
Telecommunications
Radiotelephone system
Zoned or cellular telephone system
C455S067130, C455S456100, C455S456400, C370S254000, C709S224000
Reexamination Certificate
active
06754488
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates to network analyzers, and more particularly to analyzing wireless networks.
BACKGROUND OF THE INVENTION
Network assessment tools referred to as “analyzers” are often relied upon to analyze networks communications at a plurality of layers. One example of such analyzers is the Sniffer® device manufactured by Network Associates®, Inc. Analyzers have similar objectives such as determining why network performance is slow, understanding the specifics about excessive traffic, and/or gaining visibility into various parts of the network.
In use, network analyzers often take the form of a program that monitors and analyzes network traffic, detecting bottlenecks and problems. Using this information, a network manager can keep traffic flowing efficiently. A network analyzer can also be used legitimately or illegitimately to capture data being transmitted on a network. For example, a network router reads every packet of data passed to it, determining whether it is intended for a destination within the router's network or whether it should be passed further along the Internet. A router with a network analyzer, however, may be able to read the data in the packet as well as the source and destination addresses. It should be noted that network analyzers may also analyze data other than network traffic. For example, a database could be analyzed for certain kinds of duplication, etc.
Network analyzers have been used to monitor various types of networks including wireless networks. Wireless communications can be vulnerable to eavesdropping since radio frequency (RF) waves radiate everywhere within a transmitter range, including areas outside of physical buildings. This makes the task of securing a wireless local area network (LAN) difficult. It is also relatively simple to set up additional stations/access points (APs) to intercept/interfere with the normal operations of wireless networks. These rogue devices can compromise the security of these networks.
Various problems exist in physically locating rogue APs. These problems are complicated by the nature of RF waves used in wireless LANs. Table #1 itemizes these various problems.
TABLE #1
The logical address of a wireless node is not an indication of its physical
location. They may be located anywhere within the wireless LAN service
area.
There are no readily apparent boundaries for RF waves. They can
propagate well outside of the building's physical area. Various physical
means (i.e. metallic shielding in the building, etc.) commonly used to
confine RF waves traditionally are not economically feasible for most
wireless environments.
The RF wave propagation properties are time varying, asymmetric and
highly susceptible to environmental conditions. The presence or absence
of various objects or even people can affect propagation.
The rogue devices may or may not be observable from any one particular
location due to the nature of the propagation, thus making their detection
by stationary detectors problematic.
To date, network analyzers have only been able to identify whether APs exist and whether they are expected or not. Unfortunately, this functionality is limited in terms of locating rogue devices and resolving such situations. There is thus a need for a network analyzer that can not only detect and identify APs, but also overcome the foregoing problems in the realm of wireless networks in order to physically locate rogue devices so that appropriate security actions, authentication, etc. may be carried out.
DISCLOSURE OF THE INVENTION
A system, method and computer program product are provided for ascertaining the location of an access point in a wireless network. Initially, a strength of a radio frequency signal of an access point of a wireless network is monitored at a position utilizing a wireless network analyzer. Next, the wireless network analyzer is moved about the position. The foregoing operations may be repeated to allow the location of the access point to be ascertained based on the monitored strength of the radio frequency signal.
In one embodiment, the wireless network may include an 802.11 wireless network. Further, a list of access points may be defined for the wireless network. As an option, a list of access points with unique identifiers (i.e. MAC addresses) may be tagged as expected/authorized, and any other access points not on this list are considered suspect.
In another embodiment, the wireless network analyzer may be moved to another position. Moreover, the foregoing method of ascertaining the location of the access point may be repeated at the additional position to further refine the process.
In still another embodiment, an administrator or the like may react to the access point upon ascertaining the location thereof. Just by way of example, the access point may be sought out and eliminated, authenticated, etc. As an option, a global positioning system may be used in the course of ascertaining the location of the access point. As a further option, the wireless network analyzer may include a mobile handset.
In still yet another embodiment, the various operations of the present technique may be carried out for ascertaining the location of a plurality of access points. In such embodiment, each of the access points may be differentiated and tracked utilizing an identifier (i.e. MAC address).
As an option, a degree of accuracy may be defined by a user, administrator or in a predetermined manner. As such, a notification may be output upon the location of the access point being ascertained within the defined degree of accuracy. To this end, the present techniques may be repeated until the location of the access point is ascertained with a desired degree of accuracy.
Thus, a system and method of searching out and locating, both inside or outside a physical premises, unexpected or unauthorized access points (i.e. wireless local area network (LAN) stations, etc.) is provided by tracking the radio frequency (RF) signal strengths at various locations. This technique may also be useful in locating other RF devices.
REFERENCES:
patent: 6263208 (2001-07-01), Chang et al.
patent: 6397154 (2002-05-01), Jones et al.
patent: 2002/0105912 (2002-08-01), Krishnamachari et al.
patent: 2003/0054829 (2003-03-01), Moisio
patent: 2003/0117985 (2003-06-01), Fujii et al.
patent: 2003/0131082 (2003-07-01), Kachi
patent: 2003/0140137 (2003-07-01), Joiner et al.
patent: 2003/0157895 (2003-08-01), Agrawal et al.
patent: 2003/0185244 (2003-10-01), Wu et al.
patent: 01/26335 (2001-04-01), None
Won King L.
Wu Handong
Yildiz Kazim O.
Hamaty Christopher J.
Maung Nay
Networks Associates Technologies, Inc.
Orgad Edan
Silicon Valley IP Group PC
LandOfFree
System and method for detecting and locating access points... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for detecting and locating access points..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for detecting and locating access points... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3329943