AU739754B3 - Method for identifying the network location of a computer connected to the internet - Google Patents

Method for identifying the network location of a computer connected to the internet Download PDF

Info

Publication number
AU739754B3
AU739754B3 AU71641/00A AU7164100A AU739754B3 AU 739754 B3 AU739754 B3 AU 739754B3 AU 71641/00 A AU71641/00 A AU 71641/00A AU 7164100 A AU7164100 A AU 7164100A AU 739754 B3 AU739754 B3 AU 739754B3
Authority
AU
Australia
Prior art keywords
computer
network
location
instructions
address
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
AU71641/00A
Other versions
AU739754C (en
Inventor
Paul Manchin
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to AU71641/00A priority Critical patent/AU739754C/en
Publication of AU739754B3 publication Critical patent/AU739754B3/en
Priority to EP01983320A priority patent/EP1350150A1/en
Priority to AU2002214833A priority patent/AU2002214833A1/en
Priority to US10/416,865 priority patent/US20040049567A1/en
Priority to PCT/AU2001/001490 priority patent/WO2002041122A1/en
Application granted granted Critical
Publication of AU739754C publication Critical patent/AU739754C/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Description

METHOD FOR IDENTIFYING THE NETWORK LOCATION OF A COMPUTER CONNECTED TO THE INTERNET FIELD OF THE INVENTION The present invention is concerned with a method for identifying the network location of a computer that is connected to the Internet. The invention finds particular application in aiding in the recovery of misappropriated Internet capable computers.
BACKGROUND TO THE INVENTION Most personal computers are now manufactured to include software and hardware to enable connection to the Internet.
Such computers are relatively expensive articles. Furthermore over recent years personal computers have become more compact and increasingly susceptible to theft. Theft is particularly a problem where lap-top computers are concerned.
In the past certain methods have been used to reduce the likelihood of theft and to increase the probability of recovering stolen computers. Such methods have included the use of anti-theft devices such as high-strength cables securing the computer chassis to an office fixture. Other methods have related to the use of operating system software requiring the entry of a particular password in order to operate the computer so that the computer is inoperable without the password.
Etching of serial numbers or names identifying the owner of the computer onto its chassis has also been used to aid in post theft recovery.
Unfortunately none of the above approaches has been particularly successful and computer theft continues to be a problem.
It is an object of the present invention to provide an alternative approach to those hitherto described which aids in the recovery of stolen computers.
SUMMARY OF THE INVENTION According to a first aspect of the invention there is provided a software product stored upon a computer readable medium for execution by a computer, the software product including: location instructions for determining a computer identification code and a network location address for the computer when connected to a computer network; transmission instructions for transmitting the computer identification code and the network location address to a remote site by means of the computer network.
Preferably the software product further includes: logging instructions for generating a log of network location addresses associated with the computer upon connection being made to the computer network; and comparison instructions for comparing the log to current identification codes associated with a further connection being made to the computer network and for diverting control to the transmission instructions in the event that a discrepancy between the log and current network location addresse is detected.
Preferably the logging instructions generate a log which includes one or more computer identification codes in addition to the network location address.
In that case the comparison instructions additionally divert control to the transmission instructions in the event that a discrepancy between the log and the current computer identification code is detected. Such a situation may occur where a computer's network card is substituted.
According to a further aspect of the invention there is provided a method for determining the network location of a plurality of user computers, the method including the steps of: making available for installation on each of said user computers a software product including location instructions to determine one or more computer identification codes and one or more network location addresses, and transmission instructions to transmit said identification codes and network address to a central service location; maintaining a record of network location addresses and computer identification codes transmitted to the central service location for each user computer; providing from the central service location a network location address in response to a search key submitted by a user.
Preferably the search key is a user name and password related in the record to the computer identification code and network location address.
In one embodiment the software product further includes logging instructions as described above.
BRIEF DESCRIPTION OF THE FIGURES Figure 1 is a schematic diagram depicting various identifiers associated with a computer when connected at a first location to the Internet as occurs in the prior art.
Figure 2 is a schematic diagram depicting various identifiers associated with a computer when connected at a second location to the Internet as occurs in the prior art.
Figure 3 is a schematic diagram of a system for practising a method according to an embodiment of the present invention.
Figure 4 is a flowchart of steps used in performing a method according to an embodiment of the present invention.
Figure 5 is a flowchart of further steps used in performing a method according to an embodiment of the present invention.
DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS Each computer connected to the Internet has associated with it the following computer identification codes, namely: i) Manufacturer serial number (MSN): The manufacturer's serial number is a permanent and unique number inserted into ROM on the motherboard of each computer. The MSN is independent of any operating system or software loaded onto the computer.
ii) Network Adaptor Identifier (NAI): Each personal computer with Internet connectivity capability includes a network adaptor card, or equivalent havinga unique 48-bit identification number which may be read remotely over a computer network.
In addition, when a personal computer is connected to the Internet it has associated with it the following network location addresses, namely: 1) Local IP Address (LIPA): The local IP Address is the local area network unique address that is assigned to each computer on a network. The LIPA may be fixed or dynamically served from a router or similar device. Most Internet service providers and large organisations use Dynamic Host Configuration Protocol (DHCP) to assign a local IP Address to each user as they log on to the LAN.
Consequently the local IP Address is different each time a connection is established.
2) Router IP Address (RIPA): A router address is fixed and is assigned its IP Address according to its node in the network tree. The RIPA can be traced and is usually geographically locatable.
3) IP Address on Data Packet (IPADP) This address is the IP address of the last router that passed a corresponding data packet to its destination computer. The IPADP may differ from the Router IP Address that the computer transmitting the data packet can see. This difference is usually a result of proxy servers or firewalls used to protect a LAN from data emanating from a Wide Area Network (WAN).
4) Date and Time The date and time of connection to the Internet may be recorded at log on.
It will be noted from the above that each host network or host computer connected to the Internet is assigned a unique identifier called an IP Address which is used to route data packets to and from that host. Depending on the type of computer or network and also on how that computer or network is connected to the Internet the IP Address can either be fixed or can vary each time the computer or network makes a connection to the Internet. Also a computer or network can have another computer interposed between it and the direct connection to the Internet with that computer being referred to as a Proxy Server or in some cases a Firewall. The Proxy Server will also have its own IP Address.
The IP Address is a 32 bit binary number, but is usually represented using dotted decimal notation by four decimal numbers separated by decimal points. The IP Address has two parts namely the Network ID and the Host ID.
The Network ID can be identified by the first, second or third groups of decimal numbers, depending upon the network class and the remaining decimal numbers identify the Host ID.
With reference to Figure 1, a computer 14A incorporates a network adaptor card 4, is assigned a Local IP Address and is connected to a router 6.
The computer identification codes and network location addresses associated with the computer are as shown in Figure 1. The identifiers may be collected to form a record 8 as shown.
Suppose now that computer 14A is disconnected and moved to another remote location where it is reconnected to the Internet. In that case the computer may have associated with it the computer identification codes and network location addresses as shown in Figure 2. It will be noted that while the computer identification codes, i.e. the manufacturer's serial number and adaptor card number, have not changed, the network location addreses, the Local IP Address, the IP Address on Data Packet and Router address have indeed changed. Consequently the data record 10 associated with the computer when connected at the new location, contains some fields having values that differ from record 8 of Figure 1. As will be explained, the present invention records changes such as those reflected in the differences between record 8 and record 10 in order to provide information on the computer's present network location.
A system according to a first embodiment of the invention will now be described. With reference to Figure 3, service computer 12 is loaded with software for providing a web-site 17. Computer 12 also maintains a database 18. The database containing a record for each computer 14N. The users of computers 14A,...,14N are subscribers to a computer theft recovery service provided by the proprietor of computer 12. The fields of the database record are: search key, such as the user name and password; manufacturer's serial number; network adaptor number; local IP address; router IP address; IP address on data packet; date and time of registration or most recent update to the record.
Service computer 12 is also loaded with a subscriber program 16 which when accessed by each of computers 14A,...,14N installs a security program 20A,..,20N on each computer respectively. As will be explained, the security program is comprised of instructions enabling the computer executing it to perform various tasks. The instructions referred to include: location instructions by which the computer is able to determine computer identification codes, i.e. at least one of the computer's manufacturer serial number and the network adaptor number; and network location addresses, i.e. the computers local IP address and the router IP address to which it is connected; transmission instructions enabling the computer to transmit the computer identification codes and the network location addresses over a computer network to a remote site for example to service computer 12; logging instructions for generating a log of the computer's computer identification codes and network location address and storing the log file as a local file; and; comparison instructions for comparing the log to the computer identification codes and network location addresses obtained by the location instructions.
Of the above instructions at least the location and transmission instructions are essential to the operation of the software. The actual coding of the above instructions is routine in light of the program's functionality which is described below.
As alluded to above, security program 20 contains instructions enabling each user to register their computer 14A,...,14N with service computer 12 and to send messages to web-site 17 in order to update database 18 where relevant details change. For example, each of computers 14A,...,14N contains a network card 15A,...,15N respectively. In the event that the network card is changed then the address details of the new card may be sent to web-site 17 in order that database 18 may be updated appropriately.
The information that is stored in the database for a particular computer is also recorded in a log 22 generated by the logging instructions of security program The process whereby a user registers their computer with the web site for the first time is described by reference to Figure 4.
At box 30, a user of a computer 14 establishes connection with web-site 17 by the usual methods such as keying the URL of site 17 into an Internet browser loaded on computer 14.
At box 32, the user is prompted by web-site 17 to subscribe to the theft recovery service. If the user agrees to subscribe then they will be assigned a user name for the service and will be prompted to choose a password. A subscriber program 16 then commences execution so that, at box 34, security program 20 is installed on the user's computer.
At box 36, subsequent to its installation security program 20 executes the location instructions on computer 14 and determines computer 14's computer identification codes and network location addresses. Security program 20 then executes the transmission instructions and transmits the computer identification codes and network location addresses to web-site 17. Web-site 17 then creates a new record in database 18.
Finally, the logging instructions generate a log of the computer identification codes and the network location addresses and store the log as a local file on computer 14.
The updating of a record on the database is illustrated with reference to Figure 5. At box 40 the user connects computer 14 to web-site 17 via the Internet.
At box 42 security program 20 commences execution. The activation of the security program occurs automatically upon establishment of a data connection with the Internet. Execution of security program 20 occurs without notification to a user of computer 14. Consequently an unauthorised user is not alerted to the existence or operation of the security program.
At box 44 the security program, by means of the location instructions, determines computer 14's computer identification codes and network location addresses.
At box 46 program 20 retrieves the log file 22 stored on computer 14 and, in accordance with the comparison instructions, compares the retrieved data with the user's current settings obtained by the location instructions. The current settings will include the IP address of the host that the computer has accessed at box 40 in order to connect to the Internet.
If the current location address data differs from those recorded in log file 22, then the computer identification codes and network location addresses are transmitted, according to the transmission instructions, to web-site 17 which correspondingly updates database 18 at box 52.
In the event that a computer, for example computer 14A is stolen then it is likely that it will be transported from its present location to other premises and reconnected to the Internet by unauthorised persons for their illegitimate use.
Suppose that computer 14A has been illegitimately removed from its location on the Internet as shown in Figure 1 and reconnected at another location as shown in Figure 2. Note that the manufacturer's serial No.
SG0907V-JVP-fff and network adaptor card address 00.30.5.7D.53.1 have not changed. Consequently the identity of the computer in question is established.
The data that has changed is as follows: Original Location New Location Local IP Address 203.10.255.15 203.4.224.202 Router Address 203.10.255.2 203.4.224.19 Data Pkt Header 203.10.255.2 203.4.224.19 In that event the owner of computer 14A, in an attempt to gain information as to its new location, may log onto web-site 17, by means of another computer, and using their username and password retrieve the current entry for computer 14A from database 18. The current entry will include the address of the router closest to the stolen computer being, in this example 203.4.224.19.
The above address may be entered into a database relating router address to geographical location. Such a database is available at the URL http://ipindex.dragonstar.net/index.html. Upon entering the IP Address 203.4.224.19 into the database the following type of information is returned 203.4.224.0 203.4.225.225 (STCNETWORK-AU) Silverton Technical College; 52 Robertson Street; South Kempsey; Vic 7121; AU.
That information can then be passed to law enforcement authorities in order to recover the computer in question.
Similarly, a large organisation could use the service to determine where a particular computer has been connected to the Internet if that computer has been misplaced within the organisation.
Although the present invention has been described with reference to a single embodiment, it will be realised that variations and further embodiments are possible and such will be apparent to those skilled in the art and are encompassed by the following claims.

Claims (3)

1. A method for determining the network location of a plurality of user computers connected to a computer network, the method including the steps of: making available for installation on each of said user computers a software product including location instructions to determine one or more computer identification codes and one or more network location addresses, and transmission instructions to transmit said identification codes and network addresses to a central service location; maintaining a record of network location addresses and computer identification codes transmitted to the central service location for each user computer; providing from the central service location a network location address in response to a search key submitted by a user.
2. A method according to claim 1, wherein the search key is a user password related in the record to the computer identification code.
3. A method according to claim 1, wherein the software product further includes: logging instructions for generating a log of network location addresses associated with the computer upon connection being made to the computer network; and comparison instructions for comparing the log to current identification codes associated with a further connection being made to the computer network and for diverting control to the transmission instructions in the event that a discrepancy between the log and current network location address is detected. 12 DATED THE SIXTEENTH DAY OF NOVEMBER 2000 PAUL MANCHIN BY PIZZEYS PATENT TRADE MARK ATTORNEYS
AU71641/00A 2000-11-16 2000-11-16 Method for identifying the network location of a computer connected to the internet Ceased AU739754C (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
AU71641/00A AU739754C (en) 2000-11-16 2000-11-16 Method for identifying the network location of a computer connected to the internet
EP01983320A EP1350150A1 (en) 2000-11-16 2001-11-16 Method for identifying the network location of a computer connected to a computer network
AU2002214833A AU2002214833A1 (en) 2000-11-16 2001-11-16 Method for identifying the network location of a computer connected to a computer network
US10/416,865 US20040049567A1 (en) 2000-11-16 2001-11-16 Method for identifying the network location of a computer connected to a computer network
PCT/AU2001/001490 WO2002041122A1 (en) 2000-11-16 2001-11-16 Method for identifying the network location of a computer connected to a computer network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
AU71641/00A AU739754C (en) 2000-11-16 2000-11-16 Method for identifying the network location of a computer connected to the internet

Publications (2)

Publication Number Publication Date
AU739754B3 true AU739754B3 (en) 2001-10-18
AU739754C AU739754C (en) 2003-08-28

Family

ID=3754474

Family Applications (1)

Application Number Title Priority Date Filing Date
AU71641/00A Ceased AU739754C (en) 2000-11-16 2000-11-16 Method for identifying the network location of a computer connected to the internet

Country Status (1)

Country Link
AU (1) AU739754C (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1995012858A1 (en) * 1993-11-04 1995-05-11 The General Hospital Corporation Managing an inventory of devices
WO1997017683A1 (en) * 1995-11-06 1997-05-15 Id. Systems, Inc. Electronic control system/network

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1995012858A1 (en) * 1993-11-04 1995-05-11 The General Hospital Corporation Managing an inventory of devices
WO1997017683A1 (en) * 1995-11-06 1997-05-15 Id. Systems, Inc. Electronic control system/network

Also Published As

Publication number Publication date
AU739754C (en) 2003-08-28

Similar Documents

Publication Publication Date Title
US7181195B2 (en) Method and system for tracing missing network devices using hardware fingerprints
JP4741039B2 (en) Hardware-enhanced loop-level hard zoning for Fiber Channel switch fabric
US7159125B2 (en) Policy engine for modular generation of policy for a flat, per-device database
JP3448254B2 (en) Access chain tracking system, network system, method, and recording medium
US7694343B2 (en) Client compliancy in a NAT environment
US8594084B2 (en) Network router security method
US7471684B2 (en) Preventing asynchronous ARP cache poisoning of multiple hosts
EP1249966A2 (en) Apparatus, program and method for network administration and computer network system
CN100553202C (en) The method and system that is used for dynamic device address management
EP1379046A1 (en) A personal firewall with location detection
US8990696B2 (en) Geographical vulnerability mitgation response mapping system
US20060206608A1 (en) User terminal management apparatus, user terminal management program, and user terminal management system
JP2003204335A (en) Parameter setting system
US20030005092A1 (en) Method for locating and recovering devices which are connected to the internet or to an internet-connected network
JPH11167536A (en) Method and device for client/host communication using computer network
US7793335B2 (en) Computer-implemented method, system, and program product for managing log-in strikes
CN104243472A (en) Network with MAC table overflow protection
USRE42811E1 (en) Distributed directory management system
US20060153192A1 (en) Network host isolation tool
MX2008015235A (en) Name challenge enabled zones.
KR20090120343A (en) Pharming detecting system and method for controlling this
US20040049567A1 (en) Method for identifying the network location of a computer connected to a computer network
US20040133675A1 (en) Name resolution device and name resolution method with automatic node information updating function
AU739754B3 (en) Method for identifying the network location of a computer connected to the internet
CN112511559B (en) Method and system for detecting intranet lateral movement attack

Legal Events

Date Code Title Description
FGF Patent sealed or granted (petty patent)

Ref document number: 7164100

Effective date: 20011018

NCF Extension of term for petty patent requested (sect. 69)
DA2 Applications for amendment section 104

Free format text: THE NATURE OF THE PROPOSED AMENDMENT IS AS SHOWN IN THE STATEMENT(S) FILED 20021125

DA3 Amendments made section 104

Free format text: THE NATURE OF THE AMENDMENT IS AS WAS NOTIFIED IN THE OFFICIAL JOURNAL DATED 20030220

NDF Extension of term granted for petty patent (sect. 69)