Abstract: A computer-implemented method of identifying associated communications between a first network with a first addressing scheme and a second network with a second addressing scheme is presented. The technique can include: detecting a first protocol data unit addressed from a first device in the first network and addressed to a destination in the second network, prior to translation by a network address translator; inserting, prior to translation from the first addressing scheme to the second addressing scheme, a breadcrumb protocol data unit that is addressed to the second network, the breadcrumb protocol data unit including, in a location immune from address translation by the network address translator, the source address of the first protocol data unit; receiving a translated breadcrumb protocol data unit; and reporting an association of the source address of the first protocol data unit with the translated source address of the first protocol data unit.
Type:
Grant
Filed:
August 9, 2022
Date of Patent:
April 2, 2024
Assignee:
PACKET FORENSICS, LLC
Inventors:
Victor Oppleman, Daniel Ghiringhelli, Zachary Kanner, Kristoffer Odland
Abstract: Techniques for discovering a network using a sensor installed in the network, where the network is communicatively coupled to an external network by a router, are presented. The techniques can include: determining, automatically and by the sensor, a network address of the router; detecting, automatically and by the sensor, a network address of a client in the network; assessing, automatically and by the sensor, that the client in the network is actively communicating on the network; communicating, by the sensor, with the network address of the router; and participating, by the sensor, in communications on the network by emulating the network address of the client and by using the network address of the router.
Type:
Grant
Filed:
November 18, 2022
Date of Patent:
January 2, 2024
Assignee:
PACKET FORENSICS, LLC
Inventors:
Victor Oppleman, Zachary Kanner, Eugene Antsilevich
Abstract: A computer-implemented method of identifying associated communications between a first network with a first addressing scheme and a second network with a second addressing scheme is presented. The technique can include: detecting a first protocol data unit addressed from a first device in the first network and addressed to a destination in the second network, prior to translation by a network address translator; inserting, prior to translation from the first addressing scheme to the second addressing scheme, a breadcrumb protocol data unit that is addressed to the second network, the breadcrumb protocol data unit including, in a location immune from address translation by the network address translator, the source address of the first protocol data unit; receiving a translated breadcrumb protocol data unit; and reporting an association of the source address of the first protocol data unit with the translated source address of the first protocol data unit.
Type:
Grant
Filed:
September 12, 2022
Date of Patent:
September 26, 2023
Assignee:
PACKET FORENSICS, LLC
Inventors:
Victor Oppleman, Daniel Ghiringhelli, Zachary Kanner, Kristoffer Odland