ZyXEL Communications NWA-3160 Series Rogue AP, 11.1 Rogue AP Introduction, 11.2 Rogue AP Examples

11

Rogue AP

This chapter discusses rogue wireless access points (APs) and how to configure the ZyXEL Device’s rogue AP detection feature.

11.1 Rogue AP Introduction

A rogue AP is a wireless access point operating in a network’s coverage area that is not a sanctioned part of that network. Rogue APs are not under the control of the network’s administrators, and can open up holes in a network’s security. Attackers can take advantage of a rogue AP’s weaker (or non-existent) security to gain access to the network, or set up their own rogue APs in order to capture information from wireless clients. If a scan reveals a rogue AP, you can use commercially-available software to physically locate it.

Note that it is not necessary for a network to have a legitimate wireless LAN component for rogue APs to open the network to an attacker. In this case, any AP detected can be classified as rogue.

11.2 Rogue AP Examples

In the following example, a corporate network’s security is compromised by a rogue AP (R) set up by an employee at his workstation in order to allow him to connect his notebook computer wirelessly (A). The company’s legitimate wireless network (the dashed ellipse B) is well-secured, but the rogue AP uses inferior security that is easily broken by an attacker (X) running readily available encryption-cracking software. In this example, the attacker now has access to the company network, including sensitive data stored on the file server (C).