nanog mailing list archives
Re: Detection of Rogue Access Points
From: Jon Sevier <jon.p.sevier () gmail com>
Date: Sun, 14 Oct 2012 20:00:31 -0700
On Sun, Oct 14, 2012 at 1:59 PM, Jonathan Rogers <quantumfoam () gmail com>wrote:
Gentlemen, An issue has come up in my organization recently with rogue access points. So far it has manifested itself two ways: 1. A WAP that was set up specifically to be transparent and provided unprotected wireless access to our network. 2. A consumer-grade wireless router that was plugged in and "just worked" because it got an address from DHCP and then handed out addresses on its own little network.
There are wireless IDS/IPS products available that monitor not only the airspace, but the wire as well. Many of these products will also actively defend the airspace. Search for "wIDS" and/or "wIPS". Often the cost of purchasing and deploying these products is more expensive than the cost of implementing simple 802.1x port authentication though. If nothing else, set up guest wireless piped to a cheap broadband connection and create and/or enforce proper acceptable use policies on your LAN. The less you fight your users, the easier your job is. Of course all of this is dependent on the business and legal jurisdiction you are in. -Jon
Current thread:
- Re: Detection of Rogue Access Points, (continued)
- Re: Detection of Rogue Access Points Joe Hamelin (Oct 15)
- Re: Detection of Rogue Access Points Sean Harlow (Oct 15)
- Re: Detection of Rogue Access Points Joe Hamelin (Oct 15)
- Re: Detection of Rogue Access Points Sean Harlow (Oct 15)
- Re: Detection of Rogue Access Points Ryan McBride (Oct 16)
- Re: Detection of Rogue Access Points George Herbert (Oct 15)
- Re: Detection of Rogue Access Points Sean Harlow (Oct 15)
- Re: Detection of Rogue Access Points David Cantrell (Oct 16)
- Re: Detection of Rogue Access Points Jonathan Rogers (Oct 18)
- RE: Detection of Rogue Access Points Raymond Burkholder (Oct 18)
- Re: Detection of Rogue Access Points Phil Regnauld (Oct 18)
- Re: Detection of Rogue Access Points Jonathan Rogers (Oct 18)