白丝美女被狂躁免费视频网站,500av导航大全精品,yw.193.cnc爆乳尤物未满,97se亚洲综合色区,аⅴ天堂中文在线网官网

Preventing connections to unauthorized access points with channel switch announcements

專利號
US10785703B1
公開日期
2020-09-22
申請人
Fortinet, Inc.(US CA Sunnyvale)
發(fā)明人
Vijayakumar V; Sudheer Nagurla
IPC分類
H04W48/02; H04W8/00; H04W48/20; H04W48/14; H04W84/12
技術(shù)領(lǐng)域
ap,aps,network,station,switch,channel,access,probe,wireless,in
地域: CA CA Sunnyvale

摘要

An unauthorized access point is identified during a periodic scan on the wireless network and storing a MAC address for the unauthorized access point and monitored for connection attempts. In response to an attempt by the unauthorized access point to connect to a wireless station or in response to the wireless station attempt to connect to the unauthorized access point, a spoofed probe response is transmitted to prevent a connection. The probe response can include a channel switching element and the MAC address of the unauthorized access point.

說明書

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
CROSS-REFERENCE TO RELATED APPLICATIONS

This application is related to U.S. application Ser. No. 13/936,213, filed Jul. 8, 2013, entitled DEAUTHENTICATING AND DISASSOCIATING UNAUTHORIZED ACCESS POINTS WITH SPOOFED MANAGEMENT FRAMES, by Mohan Ram, et al., the contents of which are hereby incorporated by reference in its entirety.

FIELD OF THE INVENTION

The invention relates generally to computer networking, and more specifically, to preventing connections to unauthorized access points with channel switch announcements.

BACKGROUND

Wireless computing technologies provide untethered access to the Internet and other networks. One of the most critical technologies for wireless networking (or Wi-Fi) is the IEEE 802.11 family of protocols promulgated by the Institute of Electrical and Electronics Engineers. Currently, the protocols are widely adopted in wireless devices such as laptop computers, tablet computers, smart phones, and network appliances. Many networks with wireless devices use an access point (AP) with a radio and antenna as an interface between wireless devices and the backbone network which is typically wired. Wireless devices can discover available APs within range of their radios by listening for beacons broadcast by APs which include an identifier such as a basic service set identifier (BSSID). Wireless devices use the identifier in a probe request to initiate a connection to the identified AP.

權(quán)利要求

1
We claim:1. A computer-implemented method in an access point (AP) of a data communication network and coupled to a wireless network, for preventing connections to unauthorized access points using channel switch announcements, the method comprising:identifying, during a periodic scan with a network communication interface, an unauthorized access point on the wireless network and storing a MAC address for the unauthorized access point;transmitting beacons over the wireless network, the beacons including an SSID that identifies the access point;detecting broadcast of a probe request from a wireless station with the MAC address for the unauthorized access point in order to begin association between the wireless station and the unauthorized access point;responsive to the probe request detection, transmitting a spoofed probe response to the station, wherein the probe response includes a channel switching element and the MAC address of the unauthorized access point, the channel switching element preventing the station from transmitting to the unauthorized access point for initiating a station association process with the unauthorized AP; andinitiating a connection with the wireless station.2. A non-transitory computer-readable medium storing instructions that, when executed by a processor, perform a computer-implemented method in an access point (AP) of a data communication network and coupled to a wireless network, for preventing connections to unauthorized access points using channel switch announcements, the method comprising:identifying, during a periodic scan with a network communication interface, an unauthorized access point on the wireless network and storing a MAC address for the unauthorized access point;transmitting beacons over the wireless network, the beacons including an SSID that identifies the access point;detecting broadcast of a probe request from a wireless station with the MAC address for the unauthorized access point in order to begin association between the wireless station and the unauthorized access point;responsive to the probe request detection, transmitting a spoofed probe response to the station, wherein the probe response includes a channel switching element and the MAC address of the unauthorized access point, the channel switching element preventing the station from transmitting to the unauthorized access point for initiating a station association process with the unauthorized AP; andinitiating a connection with the wireless station.
微信群二維碼
意見反饋