Abstract: The wireless activity in a geographic area containing LAN connection ports is monitored using one or more sensor devices, called sniffers. By analyzing said wireless activity, one or more APs that are operating in said geographic area are identified. The active APs so identified are classified into three categories, namely “authorized” APs (those that are allowed by network administrator), “unauthorized” APs (those that are not allowed by the network administrator, but are still connected to the LAN of interest) and “external” APs (those that are not allowed by network administrator but are not connected to the LAN of interest, for example APs connected to the neighbor's LAN) by conducting one or more tests. The sniffers detect any wireless station attempting to connect to or communicating with the one or more identified unauthorized APs. Upon identifying unauthorized AP and/or intruding wireless station an indication is transferred to the prevention process.

Abstract: An apparatus for wireless communication including an automated intrusion detection process is provided. The apparatus has a portable housing, which may have a length no greater than 1 meter, a width no greater than 1 meter, and a height of no greater than 1 meter. A processing unit (e.g., CPU) is within the housing. One or more wireless network interface devices are within the housing and are coupled to the processing unit. The apparatus has an Ethernet (or like) network interface device within the housing and coupled to the processing unit. A network connector is coupled to the Ethernet network device. One or more memories are coupled to the processing unit. A code is directed to perform a process for detection of a wireless activity within a selected local geographic region. According to a specific embodiment, the wireless activity is derived from at least one authorized device or at least an other device.

Abstract: An apparatus for wireless communication including an automated intrusion detection process is provided. The apparatus includes a processing unit. It includes a wireless network interface device and an Ethernet (or like) wired network interface device that are coupled to the processing unit. One or more memories are coupled to the processing unit. A code is directed to perform a process for detection of wireless activity within a selected local geographic region. According to a specific embodiment, the wireless activity is derived from a wireless access point device that is operational about the selected local geographic region. A code is directed to performing connectivity test using one or more marker packets to determine connectivity status of the wireless access point device to network to be protected from intrusion. Depending upon the embodiment, other codes may exist to carry out the functionality described herein.

Abstract: The wireless activity in a geographic area containing LAN connection ports is monitored using one or more sensor devices, called sniffers. By analyzing said wireless activity, one or more APs that are operating in said geographic area are identified. The active APs so identified are classified into three categories, namely “authorized” APs (those that are allowed by network administrator), “unauthorized” APs (those that are not allowed by the network administrator, but are still connected to the LAN of interest) and “external” APs (those that are not allowed by network administrator but are not connected to the LAN of interest, for example APs connected to the neighbor's LAN) by conducting one or more tests. The sniffers detect any wireless station attempting to connect to or communicating with the one or more identified unauthorized APs. Upon identifying unauthorized AP and/or intruding wireless station an indication is transferred to the prevention process.

Abstract: An apparatus for wireless communication including an automated intrusion detection process is provided. The apparatus includes a processing unit. It includes a wireless network interface device and an Ethernet (or like) wired network interface device that are coupled to the processing unit. One or more memories are coupled to the processing unit. A code is directed to perform a process for detection of wireless activity within a selected local geographic region. According to a specific embodiment, the wireless activity is derived from a wireless access point device that is operational about the selected local geographic region. A code is directed to performing connectivity test using one or more marker packets to determine connectivity status of the wireless access point device to network to be protected from intrusion. Depending upon the embodiment, other codes may exist to carry out the functionality described herein.

Abstract: A method for restricting one or more wireless devices from engaging in wireless communication within a selected local geographic region. The method includes receiving an indication comprising at least identity information. Preferably, the indication is associated with a selected wireless device, which is associated with an undesirable wireless communication within the selected local geographic region. The method includes selecting one or more processes directed to restrict the selected wireless device from engaging in wireless communication and performing a prioritized access to a wireless medium using at least one of one or more sniffer devices, which are spatially disposed within a vicinity of the selected local geographic region. The method transmits one or more packets from the at least one of one or more sniffer devices. Preferably, the one or more packets are directed to perform said one or more processes to restrict the selected wireless device.

Abstract: Methods and systems for detecting a masquerading wireless device in a local area network are provided. The method includes receiving a first packet and a second packet. Preferably, the first packet includes a first identity information and a first time information, and the second packet includes a second identity information and a second time information. The method can compute, using the first time information, a first approximation to a starting time of a wireless device associated with the first identity information. The method can also compute, using the second time information, a second approximation to a starting time of a wireless device associated with the second identity information. The method further includes determining whether a masquerading wireless device is present in the local area network based on at least the first and second approximations.

Abstract: A method for monitoring a selected region of an airspace associated with local area networks of computing devices is provided. The method includes providing one or more segments of a legacy local area network to be protected in a selected geographic region. The legacy local area network is characterized by an unsecured airspace within the selected geographic region. The method includes determining a security policy associated with the one or more segments of the legacy local area network. The security policy at least characterizes a type of wireless activity in the unsecured airspace to be permitted, denied, or ignored. Additionally, the method includes connecting one or more sniffer devices into the legacy local area network. The one or more sniffer devices are spatially disposed within the selected geographic region to cause at least a portion of the unsecured airspace to be secured according to the security policy.

Abstract: A method for arbitrating use of wireless medium for transmission of wireless signals within a selected local geographic region. The selected local geographic region comprises a first set of a plurality of devices to be allowed to transmit wireless signals and a second set of one or more devices to be substantially restricted from transmitting wireless signals. The method includes providing identity information associated with the first set of wireless devices. The method includes transmitting over a wireless medium at least one packet for each of the wireless devices in the first set. The at least one packet for each of the wireless devices includes an identity information, including an address, associated with that wireless device. That wireless device is a recipient of the one packet on the wireless medium. The at least one packet also has a selected value in a duration field of at least the one packet.

Abstract: A system and method is provided for detecting wireless access devices coupled to local area network of computers. The method includes coupling a sniffer device to a local area network. The method includes transferring one or more packets to be directed to a selected device over the local area network. The selected device is preferably coupled to the local area network. The method includes intercepting the one or more packets to be directed to the selected device at the sniffer device. Moreover, the method includes deriving information from the intercepted one or more packets using the sniffer device. The method can generate one or more marker packets in a selected format using the sniffer device. The marker packets are provided based upon at least a portion of the information derived from the intercepted packets.

Abstract: According to an embodiment of the present invention, the wireless activity in a geographic area containing LAN connection ports is monitored using one or more sensor devices, called sniffers. By analyzing said wireless activity, one or more APs that are operating in said geographic area are identified. The active APs so identified are classified into three categories, namely “authorized” APs (those that are allowed by network administrator), “unauthorized” APs (those that are not allowed by the network administrator, but are still connected to the LAN of interest) and “external” APs (those that are not allowed by network administrator but are not connected to the LAN of interest, for example APs connected to the neighbor's LAN) by conducting one or more tests. The sniffers continue to monitor the selected geographic area to detect any wireless station attempting to connect to or communicating with the one or more identified unauthorized APs.

Abstract: A method for arbitrating use of wireless medium for transmission of wireless signals within a selected local geographic region. The selected local geographic region comprises a first set of a plurality of devices to be allowed to transmit wireless signals and a second set of one or more devices to be substantially restricted from transmitting wireless signals. The method includes providing identity information associated with the first set of wireless devices. The method includes transmitting over a wireless medium at least one packet for each of the wireless devices in the first set. The at least one packet for each of the wireless devices includes an identity information, including an address, associated with that wireless device. That wireless device is a recipient of the one packet on the wireless medium. The at least one packet also has a selected value in a duration field of at least the one packet.

Abstract: According to an embodiment of the present invention, the wireless activity in a geographic area containing LAN connection ports is monitored using one or more sensor devices, called sniffers. By analyzing said wireless activity, one or more APs that are operating in said geographic area are identified. The active APs so identified are classified into three categories, namely “authorized” APs (those that are allowed by network administrator), “unauthorized” APs (those that are not allowed by the network administrator, but are still connected to the LAN of interest) and “external” APs (those that are not allowed by network administrator but are not connected to the LAN of interest, for example APs connected to the neighbor's LAN) by conducting one or more tests. The sniffers continue to monitor the selected geographic area to detect any wireless station attempting to connect to or communicating with the one or more identified unauthorized APs.

Abstract: A method for arbitrating use of wireless medium for transmission of wireless signals within a selected local geographic region. The selected local geographic region comprises a first set of a plurality of devices to be allowed to transmit wireless signals and a second set of one or more devices to be substantially restricted from transmitting wireless signals. The method includes providing identity information associated with the first set of wireless devices. The method includes transmitting over a wireless medium at least one packet for each of the wireless devices in the first set. The at least one packet for each of the wireless devices includes an identity information, including an address, associated with that wireless device. That wireless device is a recipient of the one packet on the wireless medium. The at least one packet also has a selected value in a duration field of at least the one packet.

Abstract: A system and method is provided for detecting wireless access devices coupled to local area network of computers. The method includes coupling a sniffer device to a local area network. The method includes transferring one or more packets to be directed to a selected device over the local area network. The selected device is preferably coupled to the local area network. The method includes intercepting the one or more packets to be directed to the selected device at the sniffer device. Moreover, the method includes deriving information from the intercepted one or more packets using the sniffer device. The method can generate one or more marker packets in a selected format using the sniffer device. The marker packets are provided based upon at least a portion of the information derived from the intercepted packets.

Abstract: Methods and systems for detecting a masquerading wireless device in a local area network are provided. The method includes receiving a first packet and a second packet. Preferably, the first packet includes a first identity information and a first time information, and the second packet includes a second identity information and a second time information. The method can compute, using the first time information, a first approximation to a starting time of a wireless device associated with the first identity information. The method can also compute, using the second time information, a second approximation to a starting time of a wireless device associated with the second identity information. The method further includes determining whether a masquerading wireless device is present in the local area network based on at least the first and second approximations.

Abstract: A system and method is provided for detecting wireless access devices coupled to local area network of computers. The method includes coupling a sniffer device to a local area network. The method includes transferring one or more packets to be directed to a selected device over the local area network. The selected device is preferably coupled to the local area network. The method includes intercepting the one or more packets to be directed to the selected device at the sniffer device. Moreover, the method includes deriving information from the intercepted one or more packets using the sniffer device. The method can generate one or more marker packets in a selected format using the sniffer device. The marker packets are provided based upon at least a portion of the information derived from the intercepted packets.

Abstract: A system and method for locating a wireless device in one or more wireless networks within a selected geographic region. The method includes generating a computer model of a selected geographic region including a layout and inputting information associated with one or more components of a wireless network into the computer model. The one or more components includes at least one or more sniffer devices. Additionally, the method includes determining signal intensity characteristics of the one or more components of the wireless network over at least a portion of the selected geographic region and receiving one or more wireless signals from one or more wireless devices. Moreover, the method includes determining a plurality of probabilities associated with a plurality of locations for at least one of the one or more wireless devices.

Abstract: An apparatus for wireless communication including an automated intrusion detection process is provided. The apparatus has a portable housing, which may have a length no greater than 1 meter, a width no greater than 1 meter, and a height of no greater than 1 meter. A processing unit (e.g., CPU) is within the housing. One or more wireless network interface devices are within the housing and are coupled to the processing unit. The apparatus has an Ethernet (or like) network interface device within the housing and coupled to the processing unit. A network connector is coupled to the Ethernet network device. One or more memories are coupled to the processing unit. A code is directed to perform a process for detection of a wireless activity within a selected local geographic region. According to a specific embodiment, the wireless activity is derived from at least one authorized device or at least an other device.

Abstract: An apparatus for wireless communication including an automated intrusion detection process is provided. The apparatus has a portable housing, which may have a length no greater than 1 meter, a width no greater than 1 meter, and a height of no greater than 1 meter. A processing unit (e.g., CPU) is within the housing. One or more wireless network interface devices are within the housing and are coupled to the processing unit. The apparatus has an Ethernet (or like) network interface device within the housing and coupled to the processing unit. A network connector is coupled to the Ethernet network device. One or more memories are coupled to the processing unit. A code is directed to perform a process for detection of a wireless activity within a selected local geographic region. According to a specific embodiment, the wireless activity is derived from at least one authorized device or at least an other device.