The Method for preventing unauthorized network access by occupying idle IP addresses

IP.com Prior Art Database Disclosure
IP.com Disclosure Number: IPCOM000015961D
Publication Date: 01-Nov-2002
Find Similar Download

Publishing Venue

IBM Technical Disclosure Bulletin

Abstract

Idea of disclosure 1. Describe your invention, stating problem solved (if appropriate), and indicating the advantages of using the invention. The Resouce X manages idle IP addresses in a IP sub network. Resource X registers all IP adresses which are not assigned by DHCP servers or network administrator, to its Network interfaces. This prevents to access by unauthorized users, because all IP addresses are occupied. User should register his MAC address of NetWork Interface Card(NIC) on List of acceptable MAC addresses using IP addresses, before user begins to use new IP address. Resource X release one IP address and assign it to user. If user has non-registered MAC address, user cannot use IP address, because there is no idle IP address in a sub network. It prevents to use network resources by unauthorized users. Administrator does not care idle IP addresses in general. Router can block to access over sub network by its configuration, but router cannot block to access in its sub network. Any user can set idle IP address to his NIC manually, can easily use network resources in its sub network. It is easy to crack network resources. It is needed to countermeasure against unauthorized access.

Language

English (United States)

Country

United States

Document File

4 pages / 92.5 KB

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 39% of the total text.

Page 1 of 4

  The Method for preventing unauthorized network access by occupying idle IP addresses

Idea of disclosure
1. Describe your invention, stating problem solved (if appropriate), and indicating the advantages of using the invention.

The Resouce X manages idle IP addresses in a IP sub network. Resource X registers all IP adresses which are not assigned by DHCP servers or network administrator, to its Network interfaces. This prevents to access by unauthorized users, because all IP addresses are occupied. User should register his MAC address of NetWork Interface Card(NIC) on List of acceptable MAC addresses using IP addresses, before user begins to use new IP address. Resource X release one IP address and assign it to user. If user has non-registered MAC address, user cannot use IP address, because there is no idle IP address in a sub network. It prevents to use network resources by unauthorized users.

Administrator does not care idle IP addresses in general. Router can block to access over sub network by its configuration, but router cannot block to access in its sub network. Any user can set idle IP address to his NIC manually, can easily use network resources in its sub network. It is easy to crack network resources. It is needed to countermeasure against unauthorized access.

This invention solves to create a status that all IP addresses are in use, which were idle temporary or everlastingly. It assigns IP address not in use to a special Resource X. No idle IP address exists in a sub network.

Usefull pointes:
1. Fair accounting - unauthorized use is prevented.
2. In Apartments ;
1. Prevents to access by unauthorized users which uses idle IP addresses.
2. Prevents to scan address and port to check absence or not.
3. Can detect an indiscriminate attack in a sub network. Switching device is used for network connection generally, so that special device is needed to monitor communication between 2 users. Using this method, unauthorized access is detected easily, by establishment of reserved address / size of address space.

2. How does the invention solve the problem or achieve an advantage, (a description of "the invention", including figures inline as appropriate)?

Methods: Configuration of invetion
i. Basic configuration Figure 1 is Class C sub network, 192.168.0.0/24, which constitutes a part of intranet.

1

Page 2 of 4

DHCPリレー エージェント

ワークグルー

プサーバー

IP Sub Network(Class C:192.168.0/24)

リソース R2

リソース R3

192.168.0.101 192.168.0.102

リソー

スR1

リソー

スR4

ルーターR

IP address space
192.168.0.1 - 192.168.0.254 (254)

Fixed Address space
192.168.0.1 - 192.168.0.100 DHCP Address space
192.168.0.101 - 192.168.0.254

ルールーター

192.168.0.1

192.168.0.2

192.168.0.3

Enterprise service

 DNS Service

Server S2

 DHCP Relay Agent (RA)

ResourceIP NetworkR2

Resource R1

Resource R3

Router R

List of registered M AC addresses

192.168.0.2

192.168.0.101 192.168.0.102

Resource R4

Work Group Serve...

First page image
You are not signed in. If you have an IP.com account, your download price may be lower or waived. Click here if you want to sign-in now.
Loading PayPal...
The full document comprises 4 pages and is available as a PDF document as well as a ZIP archive. The cost is $40.00 USD (depending on your billing address, sales tax may apply); payment may be made directly using your credit card or your PayPal account.

If you've already purchased this document, and wish to download it now you may enter the download access code you received in your original email receipt.