公开(公告)号：AU2002337326A1

公开(公告)日：2003-11-10

申请号：AU2002337326

申请日：2002-10-28

Applicant: IBM

Inventor： MCBREARTY GERALD FRANCIS ,  MULLEN SHAWN PATRICK ,  SHIEH JOHNNY MENG-HAN ,  TESAURO JAMES STANLEY

IPC: H04L9/16 ,  H04L12/28 ,  H04L12/56 ,  H04L29/06 ,  H04W12/02 ,  H04W84/12

Abstract: Apparatus for eavesdropping within an area layer adjacent to and surrounding a LAN area periphery for potential wireless transmissions of an intruder having a lower frequency within a level below the LAN frequency; and an implementation responsive to said eavesdropping apparatus for changing the encryption code of said encrypted wireless transmission upon the eavesdropping detection of a wireless transmission of said lower frequency addressed to a network location of one of the terminals in said LAN.

公开(公告)号：CA2481682A1

公开(公告)日：2003-11-06

申请号：CA2481682

申请日：2002-10-28

Applicant: IBM

Inventor： SHIEH JOHNNY MENG-HAN ,  TESAURO JAMES STANLEY ,  MULLEN SHAWN PATRICK ,  MCBREARTY GERALD FRANCIS

IPC: H04L9/16 ,  H04L12/28 ,  H04L12/56 ,  H04L29/06 ,  H04W12/02 ,  H04W84/12

Abstract: The present invention involves the recognition that since an eavesdropper listening adjacent to a wireless LAN is likely to be mobile and operating on a short time cycle, he himself is likely to be wirelessly transmitting his tes t message. Consequently, the present invention provides the combination of apparatus for eavesdropping within an area layer adjacent to and surrounding the LAN area periphery for potential wireless transmissions of an intruder having a lower frequency within a level below the LAN frequency and addresse d to the network location of any one of the computer terminals in the LAN; and an implementation responsive to said eavesdropping means for changing the encryption code of said encrypted wireless transmission upon the eavesdroppi ng detection of a wireless transmission of said lower frequency addressed to a network location of one of the terminals in said LAN. There is the recogniti on that there are several factors contributing to the success of the process of the invention. It is likely that the intruder must send his message at a low er frequency than the 2.4 GHz frequency of the LAN area transmissions because t he intruder will probably have to reach a base station tower over a longer distance or range than the adjacent target wireless LAN facility. This insur es thatthe eavesdropping of the present invention will be at a lower frequency and, thus, not interfered with by the transmissions within the LAN.

公开(公告)号：DE10132461A1

公开(公告)日：2002-01-24

申请号：DE10132461

申请日：2001-07-04

Applicant: IBM

Inventor： CAROLL SCOTT ALLEN ,  FIVEASH WILLIAM ALTON ,  MCBREARTY GERALD FRANCIS ,  MULLEN SHAWN PATRICK ,  SHIEH JOHNNY MENG-HAN

IPC: G06F21/00 ,  H04L12/24 ,  H04L29/06 ,  H04L12/26 ,  G06F11/30

Abstract: A client computer (210) connects to a Web server (212) platform via a transmission channel (214) like the Internet, an intranet or another known network connection. The platform can be one of a number of servers accessed by clients. A client computer has an operating system (211), a graphics user interface (213) and a browser (216). Actions are monitored that are undertaken by host servers in relation to data from remote client users.

公开(公告)号：DE10052312A1

公开(公告)日：2001-11-08

申请号：DE10052312

申请日：2000-10-21

Applicant: IBM

Inventor： GENTY DENISE MARIE ,  MCBREARTY GERALD FRANCIS ,  MULLEN SHAWN PATRICK ,  SHIEH JOHNNY MENG-HAN ,  UNNIKRISHNAN RAMACHANDRAN

IPC: H04L12/56 ,  H04L29/06 ,  H04L29/08 ,  H04L12/28 ,  H04L12/22 ,  G06F12/14

Abstract: Virtual private network system which can be changed as required. Such a requirement would be if unauthorized access or other security violations are detected. The network is then automatically changed to a second configuration to frustrate such attempted security violations. The invention uses tunnel network configurations and has the ability to change configurations. An Independent claim is made for a method for using tunnel network configurations with virtual private networks to increase security.

公开(公告)号：DE10052311A1

公开(公告)日：2001-05-23

申请号：DE10052311

申请日：2000-10-21

Applicant: IBM

Inventor： GENTY DENISE MARIE ,  MCBREARTY GERALD FRANCIS ,  MULLEN SHAWN PATRICK ,  SHIEH JOHNNY MENG-HAN ,  UNNIKRISHNAN RAMACHANDRAN

IPC: H04L12/46 ,  H04L12/56 ,  H04L29/06 ,  H04L12/28 ,  G06F12/14

Abstract: Two batches of tunnel configuration data and back-up configuration data are assigned to respective tunnel nodes with administrators. The administrators output commands to respective nodes, for communicating through a tunnel network connected between the tunnel nodes. Independent claims are also included for the following: (a) Communication method in virtual private network system; (b) Recording medium with computer program for implementing private network.

公开(公告)号：CA2312460A1

公开(公告)日：2001-02-26

申请号：CA2312460

申请日：2000-06-20

Applicant: IBM

Inventor： GENTY DENISE MARIE ,  SHIEH JOHNNY MENG-HAN ,  MCBREARTY GERALD FRANCIS ,  MULLEN SHAWN PATRICK ,  UNNIKRISHNAN RAMACHANDRAN

IPC: H04L12/46 ,  H04L29/06 ,  H04L29/12 ,  H04Q11/04 ,  H04L12/22 ,  G06F12/14

Abstract: A method and system for an algorithm-based network snoop avoider is provided . A first data processing system and a second data processing system communicate on a physical network by transmitting data packets on the network using a virtual private network (VPN). Data packets are transmitted through a first VPN tunnel between the first data processing system with a first network address terminating a first end of the VPN tunnel and the second dat a processing system with a second network address terminating a second end of the first VPN tunnel. The VPN is automatically reconfigured to use alternate addresses on the network for the tunnel endpoints by automatically determining, in accordance with a predetermined algorithm, a third network address and a fourth network address and by automatically assigning the thir d network address to the first data processing system and the fourth network address to the secon d data processing system. Data packets may then be transmitted through a second VPN tunnel in which a first end of the second VPN tunnel is terminated by the first data processing system using the third network address and a second end of the second VPN tunnel is terminated by t he second data processing system using the fourth network address. The data packets may be transmitted using Internet Protocol (IP), and a portion of the network may include the Interne t.