CN102984707B - It goes fishing in a kind of wireless network the identification and processing method of AP - Google Patents
It goes fishing in a kind of wireless network the identification and processing method of AP Download PDFInfo
- Publication number
- CN102984707B CN102984707B CN201210548689.2A CN201210548689A CN102984707B CN 102984707 B CN102984707 B CN 102984707B CN 201210548689 A CN201210548689 A CN 201210548689A CN 102984707 B CN102984707 B CN 102984707B
- Authority
- CN
- China
- Prior art keywords
- wireless
- information
- fishing
- aps
- wireless aps
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The present invention relates to the identifications and processing method of the AP that goes fishing in a kind of wireless network, multiple wireless aps that the wireless network includes wireless controller and connect with wireless controller, the identification and processing method includes: the environmental information that each wireless aps scan itself, and scanning result information is uploaded to wireless controller, wireless controller judges in current wireless aps according to scanning result information with the presence or absence of fishing AP, if so, carrying out corresponding processing according to the type of fishing AP.Compared with prior art, the present invention has many advantages, such as that accuracy of identification is high, fishing AP processing is effective.
Description
Technical field
The present invention relates to a kind of information processing method of field of wireless, more particularly, to going fishing in a kind of wireless network
The identification and processing method of AP.
Background technique
Fishing AP (Access Point, access points), which refers to, is not associated in this AC (Wireless Access
PointController, wireless controller) under, but used SSID (Service Set Identifier, services set mark
Know) AP identical with this AC subordinate SSID.
When using wireless network, it is possible that fishing AP, using SSID identical with operator, disguise as is legal
AP, user cheating access, criminal can be so as to stealing user information and encroaching on user's property safety.However in traditional design
There is no relevant control mechanism or only simple scanning result.
Summary of the invention
High, fishing that it is an object of the present invention to overcome the above-mentioned drawbacks of the prior art and provide a kind of accuracy of identification
Fish AP handles the identification and processing method for the AP that goes fishing in valid wireless network.
The purpose of the present invention can be achieved through the following technical solutions:
Go fishing in a kind of wireless network the identification and processing method of AP, the wireless network include wireless controller and with
Multiple wireless aps of wireless controller connection, the identification and processing method include: the environment that each wireless aps scan itself
Information, and scanning result information is uploaded to wireless controller, wireless controller is current wireless according to the judgement of scanning result information
With the presence or absence of fishing AP in AP, if so, carrying out corresponding processing according to the type of fishing AP.
The scanning result information include BSSID information, SSID information, channel information, beacon interval information,
The location information of vendor information and adjacent AP.
The identification and processing method specifically includes the following steps:
1) environmental scanning result information is uploaded to wireless controller by each wireless aps;
2) wireless controller traverses the scanning result information of each wireless aps, judges whether the SSID information of wireless aps belongs to
In current wireless controller, if so, thening follow the steps 3), if it is not, then identifying that the wireless aps are legal AP, carry out next wireless
The identification of AP;
3) judge whether BSSID information corresponding to the SSID information belongs to current wireless controller, if so, executing
Step 4), if it is not, then identifying that wireless aps corresponding to the SSID information for fishing AP, execute step 6);
4) judge whether vendor information is that current wireless controller specifies legal mark, if so, then follow the steps 5),
If it is not, then identifying that wireless aps corresponding to the vendor information for fishing AP, execute step 7);
5) whether the position for judging that the positions of the wireless aps is reported with its own according to the scanning information that receives is identical, if
It is then to identify that the wireless aps are legal AP, carries out the identification of next wireless aps, if it is not, then identify that the wireless aps are fishing AP,
Execute step 7);
6) wireless controller send control instruction adjust a legal AP channel to fishing AP where channel, to go fishing AP into
Row monitoring, executes step 9);
7) judge whether fishing AP and the coverage area of the legal AP with identical BSSID information have overlapping, if so,
Step 8) is executed, if it is not, thening follow the steps 6);
8) wireless controller sends control instruction and is staggered the channel of legal AP and the AP that goes fishing, then deploys other adjacent legal APs
It is monitored to channel where fishing AP;
9) according to monitoring result, real-time judge is with the presence or absence of the data interaction between client and the AP that goes fishing, if so, wirelessly
Controller forges both sides' MAC Address and mutually sends out Deauth frame, the association status of client and the AP that goes fishing is destroyed, if it is not, then exiting prison
It surveys.
Compared with prior art, the invention has the following advantages that
1) present invention can effectively identify that fishing AP, accuracy of identification are high;
2) present invention is cooperated by more AP, and Combined Treatment forges the fishing AP of BSSID, can effectively eliminate AP pairs of fishing
The influence of wireless network.
Detailed description of the invention
Fig. 1 is flow diagram of the invention.
Specific embodiment
The present invention is described in detail with specific embodiment below in conjunction with the accompanying drawings.
Embodiment
As shown in Figure 1, the identification and processing method of the AP that goes fishing in a kind of wireless network, the wireless network include wireless
Controller and the multiple wireless aps connecting with wireless controller, the identification and processing method include: that each wireless aps scan
The environmental information of itself, and scanning result information is uploaded to wireless controller, wireless controller is sentenced according to scanning result information
With the presence or absence of fishing AP in current wireless aps of breaking, if so, carrying out corresponding processing according to the type of fishing AP.The scanning
Result information includes but is not limited to BSSID information, SSID information, channel information, beacon interval information, vendor information and phase
The location information of adjacent AP.
In above-mentioned wireless network go fishing AP identification and processing method specifically includes the following steps:
1) environmental scanning result information is uploaded to wireless controller by each wireless aps;
2) wireless controller traverses the scanning result information of each wireless aps, judges whether the SSID information of wireless aps belongs to
In current wireless controller, if so, thening follow the steps 3), if it is not, then identifying that the wireless aps are legal AP, carry out next wireless
The identification of AP;
3) judge whether BSSID information corresponding to the SSID information belongs to current wireless controller, if so, executing
Step 4), if it is not, then identifying that wireless aps corresponding to the SSID information for fishing AP, execute step 6);
4) judge whether vendor information in beacon interval information is that current wireless controller specifies legal mark,
If so, thening follow the steps 5), if it is not, then identifying that wireless aps corresponding to the vendor information for fishing AP, execute step 7);
5) whether the position for judging that the positions of the wireless aps is reported with its own according to the scanning information that receives is identical, if
It is then to identify that the wireless aps are legal AP, carries out the identification of next wireless aps, if it is not, then identify that the wireless aps are fishing AP,
Execute step 7);
6) wireless controller send control instruction adjust a legal AP channel to fishing AP where channel, to go fishing AP into
Row monitoring, executes step 9);
7) judge whether fishing AP and the coverage area of the legal AP with identical BSSID information have overlapping, if so,
Step 8) is executed, if it is not, thening follow the steps 6);
8) wireless controller sends control instruction and is staggered the channel of legal AP and the AP that goes fishing, then deploys other adjacent legal APs
It is monitored to channel where fishing AP;
9) according to monitoring result, real-time judge is with the presence or absence of the data interaction between client and the AP that goes fishing, if so, wirelessly
Controller forges both sides' MAC Address and mutually sends out Deauth frame, the association status of client and the AP that goes fishing is destroyed, if it is not, then exiting prison
It surveys, process terminates.
The identification of fishing AP and processing method are believed by the private informations such as Vendor information and position in above-mentioned wireless network
Multiple judgement is ceased to identify that fishing AP, accuracy of identification are high.When AP is gone fishing in discovery, multiple AP cooperations handle fishing AP,
Influence of the fishing AP to wireless network can effectively be eliminated.
The present invention can also distinguish the AP that goes fishing by increasing other fields in the beacon of legal AP;In more AC
When corporate management, energy information exchange or Database vendors between AC can be considered that an AC is managed collectively the judgement of fishing AP, with
Identify whether the AP under other AC goes fishing AP.
Above embodiments are to a preferred embodiment of the invention.Those skilled in the art is it should be appreciated that the present invention
It is not restricted to the described embodiments, the above embodiments and description only illustrate the principle of the present invention, is not departing from
Under the premise of spirit and scope of the invention, various changes and improvements may be made to the invention, these changes and improvements both fall within requirement
In the scope of the invention of protection.The scope of the present invention is defined by the appended claims and its equivalents.
Claims (1)
1. in a kind of wireless network go fishing AP identification and processing method, the wireless network include wireless controller and with nothing
Multiple wireless aps of lane controller connection, which is characterized in that the identification and processing method includes: that each wireless aps scan certainly
The environmental information of body, and scanning result information is uploaded to wireless controller, wireless controller judges according to scanning result information
With the presence or absence of fishing AP in current wireless aps, if so, carrying out corresponding processing according to the type of fishing AP;The scanning knot
Fruit information includes the position of BSSID information, SSID information, channel information, beacon interval information, vendor information and adjacent AP
Information;
The identification and processing method specifically includes the following steps:
1) environmental scanning result information is uploaded to wireless controller by each wireless aps;
2) wireless controller traverses the scanning result information of each wireless aps, judges whether the SSID information of wireless aps belongs to and works as
Preceding wireless controller if it is not, then identifying that the wireless aps are legal AP, carries out next wireless aps if so, thening follow the steps 3)
Identification;
3) judge whether BSSID information corresponding to the SSID information belongs to current wireless controller, if so, thening follow the steps
4), if it is not, then identifying that wireless aps corresponding to the SSID information for fishing AP, execute step 6);
4) judge whether vendor information is that current wireless controller specifies legal mark, if so, then follow the steps 5), if
It is no, then identify that wireless aps corresponding to the vendor information for fishing AP, execute step 7);
5) whether the position for judging that the positions of the wireless aps is reported with its own according to the scanning information that receives is identical, if so,
It then identifies that the wireless aps are legal AP, carries out the identification of next wireless aps, if it is not, then identifying that the wireless aps for fishing AP, are held
Row step 7);
6) wireless controller sends control instruction and adjusts channel where the channel to fishing AP of a legal AP, supervises to fishing AP
It surveys, executes step 9);
7) judge whether fishing AP and the coverage area of the legal AP with identical BSSID information have overlapping, if so, executing
Step 8), if it is not, thening follow the steps 6);
8) wireless controller send control instruction be staggered legal AP and go fishing AP channel, then deploy other adjacent legal APs to fish
Channel where fish AP is monitored;
9) according to monitoring result, real-time judge is with the presence or absence of the data interaction between client and the AP that goes fishing, if so, wireless control
Device forges both sides' MAC Address and mutually sends out Deauth frame, the association status of client and the AP that goes fishing is destroyed, if it is not, then exiting monitoring.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210548689.2A CN102984707B (en) | 2012-12-17 | 2012-12-17 | It goes fishing in a kind of wireless network the identification and processing method of AP |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210548689.2A CN102984707B (en) | 2012-12-17 | 2012-12-17 | It goes fishing in a kind of wireless network the identification and processing method of AP |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102984707A CN102984707A (en) | 2013-03-20 |
| CN102984707B true CN102984707B (en) | 2018-12-18 |
Family
ID=47858350
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210548689.2A Active CN102984707B (en) | 2012-12-17 | 2012-12-17 | It goes fishing in a kind of wireless network the identification and processing method of AP |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102984707B (en) |
Families Citing this family (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104243490B (en) * | 2014-09-30 | 2017-12-22 | 北京金山安全软件有限公司 | Method and device for identifying pseudo wireless network access point and mobile terminal |
| CN104270366B (en) * | 2014-09-30 | 2017-09-29 | 北京金山安全软件有限公司 | method and device for detecting karma attack |
| CN105162768B (en) * | 2015-07-31 | 2018-12-07 | 腾讯科技(深圳)有限公司 | The method and device of detection fishing Wi-Fi Hotspot |
| CN105636050A (en) * | 2015-08-28 | 2016-06-01 | 宇龙计算机通信科技(深圳)有限公司 | Method and system for preventing wrong connection with WIFI network |
| CN105262734A (en) * | 2015-09-23 | 2016-01-20 | 周超 | Secure router having hacker attack prevention function |
| CN106028356A (en) * | 2016-07-05 | 2016-10-12 | 上海斐讯数据通信技术有限公司 | Wireless access equipment processing method and system |
| CN108696482A (en) * | 2017-04-07 | 2018-10-23 | 武汉安天信息技术有限责任公司 | A kind of method and device blocking Wi-Fi malicious attacks |
| CN113473471A (en) * | 2021-06-21 | 2021-10-01 | 杭州网银互联科技股份有限公司 | Method for blocking wireless mobile terminal from accessing illegal AP |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1650642A (en) * | 2002-03-29 | 2005-08-03 | 空气磁体公司 | Detecting a counterfeit access point in a wireless local area network |
| WO2007120313A2 (en) * | 2005-12-06 | 2007-10-25 | Cisco Technology, Inc. | Insider attack defense for network client validation of network management frames |
| US7336670B1 (en) * | 2003-06-30 | 2008-02-26 | Airespace, Inc. | Discovery of rogue access point location in wireless network environments |
| CN102438238A (en) * | 2011-12-28 | 2012-05-02 | 武汉虹旭信息技术有限责任公司 | Method for detecting illegal AP (Assembly Program) under centralized WLAN (Wireless Local Area Network) environment |
-
2012
- 2012-12-17 CN CN201210548689.2A patent/CN102984707B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1650642A (en) * | 2002-03-29 | 2005-08-03 | 空气磁体公司 | Detecting a counterfeit access point in a wireless local area network |
| US7336670B1 (en) * | 2003-06-30 | 2008-02-26 | Airespace, Inc. | Discovery of rogue access point location in wireless network environments |
| WO2007120313A2 (en) * | 2005-12-06 | 2007-10-25 | Cisco Technology, Inc. | Insider attack defense for network client validation of network management frames |
| CN102438238A (en) * | 2011-12-28 | 2012-05-02 | 武汉虹旭信息技术有限责任公司 | Method for detecting illegal AP (Assembly Program) under centralized WLAN (Wireless Local Area Network) environment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102984707A (en) | 2013-03-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102984707B (en) | It goes fishing in a kind of wireless network the identification and processing method of AP | |
| CN107995626B (en) | Method and device for identifying WIFI signal security category in wireless local area network | |
| CN104349325B (en) | Method and device for monitoring pseudo- wireless access point AP | |
| JP6655274B2 (en) | Method and apparatus for simultaneous data transmission service based on multiple networks | |
| CN104333914B (en) | A kind of Mesh link establishing method and equipment | |
| US9178896B2 (en) | Rogue AP detection | |
| US7447184B1 (en) | Method and system for detecting masquerading wireless devices in local area computer networks | |
| CN103067922A (en) | Method and system for preventing illegal access point in wireless local area network | |
| CN104320782A (en) | WiFi signal blocking system and method | |
| CN104580152A (en) | Protection method and system against wifi (wireless fidelity) phishing | |
| US20140282905A1 (en) | System and method for the automated containment of an unauthorized access point in a computing network | |
| CN105119946A (en) | Intelligent household electrical appliance control device and method capable of automatically switching network | |
| CN107094293A (en) | A kind of device and method for obtaining WiFi terminal real MAC address | |
| CN103763695B (en) | Method for evaluating safety of internet of things | |
| CN105979502B (en) | Switching method, switching device and the terminal of eSIM | |
| CN102438238A (en) | Method for detecting illegal AP (Assembly Program) under centralized WLAN (Wireless Local Area Network) environment | |
| CN105850178A (en) | Method and corresponding wireless access point for adjusting data rate of secondary users | |
| CN110169183A (en) | Directional reception and periodicity RTS/CTS are transmitted to estimate to interfere | |
| JP2017522798A5 (en) | ||
| CN105763388A (en) | Fault detection method and fault detection system | |
| KR20160006806A (en) | System and Method for hybrid controlling of OpenFlow-based wireless network | |
| CN102685147A (en) | Mobile communication honeypot capturing system and implementation method thereof | |
| CN105246134A (en) | WLAN networking and management method thereof | |
| CN108235322A (en) | A kind of counter method and device of wireless device | |
| CN103781071B (en) | The method of access points and relevant device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |