CN103327484A - Method for clearing illegal AP in wireless local area network - Google Patents
Method for clearing illegal AP in wireless local area network Download PDFInfo
- Publication number
- CN103327484A CN103327484A CN2013102621562A CN201310262156A CN103327484A CN 103327484 A CN103327484 A CN 103327484A CN 2013102621562 A CN2013102621562 A CN 2013102621562A CN 201310262156 A CN201310262156 A CN 201310262156A CN 103327484 A CN103327484 A CN 103327484A
- Authority
- CN
- China
- Prior art keywords
- wireless
- illegal
- aps
- user
- rogue
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention provides a method for clearing an illegal AP in a wireless local area network. In the method, a wireless AP monitors the existing condition of the illegal AP in real time and cuts off the communicating connection of the illegal AP and a wireless user, the wireless user is timely informed of the existence of the illegal AP, and the user is reminded to timely update the wireless password and the wireless encryption mode of the wireless AP. The method aims to guarantee the internet surfing safety of the wireless user through the function of preventing phishing.
Description
Technical field
The present invention relates to the wireless LAN safety career field, particularly wireless aps equipment prevents the wireless aps trouble free service method that other illegal wireless AP equipment is invaded in the WLAN (wireless local area network).
Background technology
Be provided with at present Wi-Fi in public arenas such as a lot of coffee shops and provide any wireless network services for not specific user, generally be to adopt a wireless aps equipment, communicate by the wireless user in radio communication and the service range, for the terminal in the wireless service areas provides service on net.But, common wireless aps, because user's carelessness, weak to awareness of safety such as passwords, the wireless cipher ratio is easier to be cracked by the hacker, and so that the wireless user is connected under the rogue AP, steals wireless user's information, causes inevitable loss.
Summary of the invention
Order of the present invention is the deficiency on the safety that overcomes in the present wireless aps work, the method of removing rogue AP in a kind of wireless local is provided, in the method, wireless aps is by the situation that exists of Real-Time Monitoring rogue AP, cut off rogue AP and wireless user's communication connection, and in time notify the existence of wireless user's rogue AP, reminding user upgrades wireless cipher and the wireless encryption mode of wireless aps timely.
Technical scheme of the present invention is: the method for removing rogue AP in a kind of wireless local, in the less wireless network of number of wireless users, in the method, wireless aps is by the situation that exists of Real-Time Monitoring rogue AP, cut off rogue AP and wireless user's communication connection, may further comprise the steps:
Steps A, record the link information that all are associated with the wireless user of wireless aps;
Whether step B, wireless aps detect other wireless aps identical with own SSID itself, if having, then looking this wireless aps is illegal wireless AP, and records the MAC Address of this illegal wireless AP;
Step C, wireless aps detect whether wireless user and illegal wireless AP successful connection are arranged, if wireless user and illegal wireless AP successful connection are arranged, then turn to step D, otherwise continue to detect;
Step D, wireless aps are opened the background scans function, do all channel scanning, find illegal wireless AP and described wireless user's channel, and the channel of modification wireless aps oneself is consistent with illegal wireless AP;
Step e, structure illegal wireless AP send to removing disassociation frame or removing to prove frame of described wireless user, make described wireless user separate related with illegal wireless AP;
Step F, wireless aps are again related with described wireless user terminal, and switch to other channel;
Step G, transmission alarming page are to all wireless user terminals.
Further, in the above-mentioned wireless aps trouble free service method: among the described step B, wireless aps is opened promiscuous mode by resolving wireless message, judges whether to exist the other wireless aps identical with the SSID of wireless aps to exist.
The objective of the invention is the function by a kind of anti-fishing, guaranteed wireless user's Internet Security.
Below in conjunction with specific embodiment the present invention is done comparatively detailed description.
Description of drawings
Fig. 1 is the flow chart of removing rogue AP in the wireless local.
Embodiment
Embodiment 1, the present embodiment is in the wireless local of coffee shop or family, if illegal fishing website is arranged invades, this fishing website passes through the wireless subscriber communication in an illegal wireless aps and this wireless local, the SSID of the AP of the wireless local of this rogue AP personation coffee shop or family, namely service identifiers collection, here, the wireless user will be by illegal wireless aps online, and the illegal website just may obtain wireless user's secret, and wireless user's safety can not get effective assurance.The present embodiment is exactly a kind of method of removing illegal wireless aps.The process that the present embodiment is removed illegal wireless AP is as shown in Figure 1:
Step S1: the wireless aps of WLAN (wireless local area network) powers on, system gets up, here refer to the small-sized WLAN (wireless local area network) on the ground such as family or coffee shop, this local area network (LAN) generally only has a wireless aps, all wireless user terminals comprise computer, notebook computer or clamping plate computer etc., receive the Wi-Fi service by this WLAN (wireless local area network).
Step S2: the wireless user in the local surfs the Net by wireless aps, need to be with on wireless AO be related, and wireless aps records the MAC Address of all wireless users (STA).At this moment, wireless local normally provides service for the wireless user in this scope.In order to guarantee not have other illegal wireless aps to invade, below step S3 carry out illegal wireless AP and detect.
Step S3: wireless aps is opened promiscuous mode.Open promiscuous mode and be in order to grasp all the wireless messages below the same channel.Wireless aps is utilized promiscuous mode, by resolving wireless message (generally being the beacon frame), judges whether to exist the wireless aps identical with the SSID of wireless aps to exist.Do not exist if detect the wireless aps identical with the SSID of wireless aps, show that then the wireless office of present basis net is safer.
Step S4: if the wireless aps of identical SSID exists, recording the MAC Address of this AP, is rogue AP depending on this AP.
Step S5: the message of rogue AP can be monitored and resolve to wireless aps by promiscuous mode, sees if there is message with the wireless user is mutual, and mutual process generally is to send to go association, perhaps goes authentication to make this wireless user separate association, and connect upward rogue AP.
Step S6: if the situation of step S5 occurs, general illegal wireless AP can change channel, and in this time, wireless aps need to be opened the background scans function, does all channel scanning, finds illegal wireless AP and wireless user's channel.And the channel (wireless aps can only be monitored and resolve by promiscuous mode) of revising wireless aps oneself is consistent with illegal wireless AP.
Step S7: structure illegal wireless AP sends to removing disassociation frame or going authentication frame of wireless user, makes the wireless user separate association.This goes related, and raw address is the MAC Address of rogue AP, and destination address is wireless user's MAC Address, and BSSID is the MAC Address of rogue AP), this frame is forged, and purpose is exactly in order to go association.
Step S8: until wireless user and wireless aps are successfully associated again.And switch to other channels.
Step S9: send alarming page to the wireless user, notify the wireless user to revise wireless authentication and cipher mode.
In the present embodiment, wireless aps is cut off rogue AP and wireless user's communication connection by the situation that exists of Real-Time Monitoring rogue AP, and in time notifies the existence of wireless user's rogue AP, and reminding user upgrades wireless cipher and the wireless encryption mode of wireless aps timely.The method only is used in the less family wireless network of user.Implementation step decomposes as follows:
1, after the wireless aps system gets up, opens promiscuous mode.
2, when having on the wireless user-association after the wireless aps, record this wireless user's link information.
3, wireless aps is utilized promiscuous mode and the background scans Function detection wireless aps identical with own SSID.
4, after the wireless user separates association, concurrent existing identical SSID exists, and just opens the background scans function.Scanning wireless user and identical SSID, just send and remove disassociation frame, go authentication frame, is that wireless user and rogue AP disconnect, and sends disassociation frame again the wireless user is connected.
5, by sending the form of the warning page, transmission information notifies it to revise wireless authentication pattern and safer password to the wireless user.
Claims (2)
1. remove the method for rogue AP in the wireless local, in the less wireless network of number of wireless users, it is characterized in that: in the method, wireless aps is by the situation that exists of Real-Time Monitoring rogue AP, cut off rogue AP and wireless user's communication connection, may further comprise the steps:
Steps A, record the link information that all are associated with the wireless user of wireless aps;
Whether step B, wireless aps detect other wireless aps identical with own SSID itself, if having, then looking this wireless aps is illegal wireless AP, and records the MAC Address of this illegal wireless AP;
Step C, wireless aps detect whether wireless user and illegal wireless AP successful connection are arranged, if wireless user and illegal wireless AP successful connection are arranged, then turn to step D, otherwise continue to detect;
Step D, wireless aps are opened the background scans function, do all channel scanning, find illegal wireless AP and described wireless user's channel, and the channel of modification wireless aps oneself is consistent with illegal wireless AP;
Step e, structure illegal wireless AP send to removing disassociation frame or removing to prove frame of described wireless user, make described wireless user separate related with illegal wireless AP;
Step F, wireless aps are again related with described wireless user terminal, and switch to other channel;
Step G, transmission alarming page are to all wireless user terminals.
2. remove the method for rogue AP in the wireless local according to claim 1, it is characterized in that: among the described step B, wireless aps is opened promiscuous mode by resolving wireless message, judges whether to exist the other wireless aps identical with the SSID of wireless aps to exist.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2013102621562A CN103327484A (en) | 2013-06-27 | 2013-06-27 | Method for clearing illegal AP in wireless local area network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2013102621562A CN103327484A (en) | 2013-06-27 | 2013-06-27 | Method for clearing illegal AP in wireless local area network |
Publications (1)
Publication Number | Publication Date |
---|---|
CN103327484A true CN103327484A (en) | 2013-09-25 |
Family
ID=49195962
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2013102621562A Pending CN103327484A (en) | 2013-06-27 | 2013-06-27 | Method for clearing illegal AP in wireless local area network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103327484A (en) |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103916394A (en) * | 2014-03-31 | 2014-07-09 | 魏强 | Data transmission method and system under public wifi environment |
CN104243490A (en) * | 2014-09-30 | 2014-12-24 | 北京金山安全软件有限公司 | Method and device for identifying pseudo wireless network access point and mobile terminal |
CN104270761A (en) * | 2014-09-30 | 2015-01-07 | 北京金山安全软件有限公司 | pseudo-WIFI (Wireless Fidelity) identification and processing method and device |
CN105262734A (en) * | 2015-09-23 | 2016-01-20 | 周超 | Secure router having hacker attack prevention function |
CN106102068A (en) * | 2016-08-23 | 2016-11-09 | 大连网月科技股份有限公司 | A kind of illegal wireless access point detection and attack method and device |
CN106792715A (en) * | 2017-04-14 | 2017-05-31 | 杭州亚古科技有限公司 | Illegal wireless AP detection methods and device |
CN106851646A (en) * | 2016-12-31 | 2017-06-13 | 北京红山瑞达科技有限公司 | A kind of wifi accesses safety detection method and device, wifi access systems |
CN107094298A (en) * | 2017-05-11 | 2017-08-25 | 北京囡宝科技有限公司 | Take precautions against module, wireless network access device and the method for illegal wireless network insertion |
CN108419238A (en) * | 2018-02-02 | 2018-08-17 | 浙江大华技术股份有限公司 | A kind of method and device of detection rogue AP |
CN110087244A (en) * | 2019-04-29 | 2019-08-02 | 新华三技术有限公司 | A kind of information acquisition method and device |
WO2022061586A1 (en) * | 2020-09-23 | 2022-03-31 | Arris Enterprises Llc | Using ap information for determining network operations |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1996893A (en) * | 2006-12-25 | 2007-07-11 | 杭州华为三康技术有限公司 | Method, device and system for monitoring illegal access point in the wireless LAN |
CN101079741A (en) * | 2007-06-29 | 2007-11-28 | 杭州华三通信技术有限公司 | Access point, access controller and method for monitoring illegal access |
CN102438238A (en) * | 2011-12-28 | 2012-05-02 | 武汉虹旭信息技术有限责任公司 | Method for detecting illegal AP (Assembly Program) under centralized WLAN (Wireless Local Area Network) environment |
-
2013
- 2013-06-27 CN CN2013102621562A patent/CN103327484A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1996893A (en) * | 2006-12-25 | 2007-07-11 | 杭州华为三康技术有限公司 | Method, device and system for monitoring illegal access point in the wireless LAN |
CN101079741A (en) * | 2007-06-29 | 2007-11-28 | 杭州华三通信技术有限公司 | Access point, access controller and method for monitoring illegal access |
CN102438238A (en) * | 2011-12-28 | 2012-05-02 | 武汉虹旭信息技术有限责任公司 | Method for detecting illegal AP (Assembly Program) under centralized WLAN (Wireless Local Area Network) environment |
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103916394A (en) * | 2014-03-31 | 2014-07-09 | 魏强 | Data transmission method and system under public wifi environment |
CN104243490B (en) * | 2014-09-30 | 2017-12-22 | 北京金山安全软件有限公司 | Method and device for identifying pseudo wireless network access point and mobile terminal |
CN104243490A (en) * | 2014-09-30 | 2014-12-24 | 北京金山安全软件有限公司 | Method and device for identifying pseudo wireless network access point and mobile terminal |
CN104270761A (en) * | 2014-09-30 | 2015-01-07 | 北京金山安全软件有限公司 | pseudo-WIFI (Wireless Fidelity) identification and processing method and device |
CN104270761B (en) * | 2014-09-30 | 2017-12-22 | 北京金山安全软件有限公司 | pseudo-WIFI (Wireless Fidelity) identification and processing method and device |
CN105262734A (en) * | 2015-09-23 | 2016-01-20 | 周超 | Secure router having hacker attack prevention function |
CN106102068A (en) * | 2016-08-23 | 2016-11-09 | 大连网月科技股份有限公司 | A kind of illegal wireless access point detection and attack method and device |
CN106851646A (en) * | 2016-12-31 | 2017-06-13 | 北京红山瑞达科技有限公司 | A kind of wifi accesses safety detection method and device, wifi access systems |
CN106792715A (en) * | 2017-04-14 | 2017-05-31 | 杭州亚古科技有限公司 | Illegal wireless AP detection methods and device |
CN106792715B (en) * | 2017-04-14 | 2019-10-08 | 杭州亚古科技有限公司 | Illegal wireless AP detection method and device |
CN107094298A (en) * | 2017-05-11 | 2017-08-25 | 北京囡宝科技有限公司 | Take precautions against module, wireless network access device and the method for illegal wireless network insertion |
CN108419238A (en) * | 2018-02-02 | 2018-08-17 | 浙江大华技术股份有限公司 | A kind of method and device of detection rogue AP |
CN110087244A (en) * | 2019-04-29 | 2019-08-02 | 新华三技术有限公司 | A kind of information acquisition method and device |
WO2022061586A1 (en) * | 2020-09-23 | 2022-03-31 | Arris Enterprises Llc | Using ap information for determining network operations |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103327484A (en) | Method for clearing illegal AP in wireless local area network | |
CN107683617B (en) | System and method for pseudo base station detection | |
US9705913B2 (en) | Wireless hotspot attack detection | |
EP2742711B1 (en) | Detection of suspect wireless access points | |
US7216365B2 (en) | Automated sniffer apparatus and method for wireless local area network security | |
US20150271194A1 (en) | Fake Base Station Detection with Core Network Support | |
KR100694219B1 (en) | Apparatus and method detecting data transmission mode of access point in wireless terminal | |
US20150040194A1 (en) | Monitoring of smart mobile devices in the wireless access networks | |
CN104580152A (en) | Protection method and system against wifi (wireless fidelity) phishing | |
US20090016529A1 (en) | Method and system for prevention of unauthorized communication over 802.11w and related wireless protocols | |
CN104168561A (en) | Hot-spot configuration method and accessing method and device in wireless local-area network | |
US10448286B2 (en) | Mobility in mobile communications network | |
EP2826304B1 (en) | Method and system for preventing the propagation of ad -hoc networks | |
US9270640B2 (en) | Communication device, control method for communication device, and storage medium | |
CN105681272A (en) | Method for detecting and defensing fishing WiFi of mobile terminal | |
CN104852894A (en) | Wireless message monitor detecting method, system and central control server | |
CN106685843B (en) | Method for safely strengthening router | |
CN104270762A (en) | Method for detecting false station in GSM and LTE network | |
WO2009139676A1 (en) | User-type handling in a wireless access network | |
US20120315886A1 (en) | Method and communication device for assisting mobile data offloading and mobile device | |
JP5647964B2 (en) | Wireless router, program and access method for restricting access of child wireless terminal subordinate to parent wireless terminal | |
WO2017036107A1 (en) | Differentiated network access method for user equipment, base station and computer storage medium | |
WO2019167132A1 (en) | Wireless communication device, wireless lan router, unauthorized access prevention method and wireless communication system | |
Huang et al. | A whole-process WiFi security perception software system | |
KR20040046006A (en) | Method for connecting with Wireless Local Area Network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20130925 |