nanog mailing list archives
Re: Detection of Rogue Access Points
From: Jonathan Rogers <quantumfoam () gmail com>
Date: Mon, 15 Oct 2012 11:12:30 -0400
Well, quite frankly they have the tools they need. Our remote sites do not have any devices that require wireless. They don't have company-issued laptops, and personal laptops are not allowed. The policy is on the books but it isn't my department to make sure people know about it and follow it. Our end users at these branch offices are typically not very technically inclined and have no idea what a security risk this is (especially considering that we have EPHI on our network, although I can't really say more in detail than that). The person who put in the WAP I discovered doesn't even work for us any more. Port-based security might work, but our edge switches are total garbage (don't get me started, not in my control). I didn't find this WAP via nmap...it didn't show up. I believe it probably didn't have a valid management interface IP for some reason. We saw suspicious entries in the router's ARP table and starting looking around the office from there. --JR On Mon, Oct 15, 2012 at 11:05 AM, <Valdis.Kletnieks () vt edu> wrote:
On Mon, 15 Oct 2012 13:11:00 +1100, Karl Auer said:No-one has said this yet, so I will - why are people working around your normal network policies? This is often a sign of something lacking that people need in their daily work. You can often reduce this sort of "innocent thievery" down to a manageable minimum simply by making sure that people have the tools they need to work. Sometimes it's cheaper to give people what they want than to prevent them taking it. Maybe at least consider that as an option.Amen to that - detecting rogue access points is one thing, but in order to make the users stop doing it, you're going to need either a sufficiently large carrot or a sufficiently large stick. If you don't deploy at least one, the problem *will* keep recurring.
Current thread:
- Re: Detection of Rogue Access Points, (continued)
- Re: Detection of Rogue Access Points Lyndon Nerenberg (Oct 14)
- RE: Detection of Rogue Access Points Kenneth M. Chipps Ph.D. (Oct 14)
- Re: Detection of Rogue Access Points Aaron C. de Bruyn (Oct 14)
- RE: Detection of Rogue Access Points Kenneth M. Chipps Ph.D. (Oct 14)
- Re: Detection of Rogue Access Points Aaron C. de Bruyn (Oct 14)
- Re: Detection of Rogue Access Points Jonathan Lassoff (Oct 14)
- Re: Detection of Rogue Access Points Suresh Ramasubramanian (Oct 14)
- Re: Detection of Rogue Access Points Jimmy Hess (Oct 14)
- Re: Detection of Rogue Access Points Suresh Ramasubramanian (Oct 14)
- Re: Detection of Rogue Access Points Karl Auer (Oct 14)
- Re: Detection of Rogue Access Points Valdis . Kletnieks (Oct 15)
- Re: Detection of Rogue Access Points Jonathan Rogers (Oct 15)
- Re: Detection of Rogue Access Points Roy (Oct 15)
- Re: Detection of Rogue Access Points Joe Hamelin (Oct 15)
- Re: Detection of Rogue Access Points Sean Harlow (Oct 15)
- Re: Detection of Rogue Access Points Joe Hamelin (Oct 15)
- Re: Detection of Rogue Access Points Sean Harlow (Oct 15)
- Re: Detection of Rogue Access Points Ryan McBride (Oct 16)
- Re: Detection of Rogue Access Points George Herbert (Oct 15)
- Re: Detection of Rogue Access Points Sean Harlow (Oct 15)
- Re: Detection of Rogue Access Points Valdis . Kletnieks (Oct 15)
- Re: Detection of Rogue Access Points David Cantrell (Oct 16)