15

Rogue AP Detection

15.1 Overview

Rogue APs are wireless access points operating in a network’s coverage area that are not under the control of the network’s administrators, and can open up holes in a network’s security. Attackers can take advantage of a rogue AP’s weaker (or non-existent) security to gain access to the network, or set up their own rogue APs in order to capture information from wireless clients. If a scan reveals a rogue AP, you can use commercially-available software to physically locate it.

Note that it is not necessary for a network to have a legitimate wireless LAN component for rogue APs to open the network to an attacker. In this case, any AP detected can be classified as rogue.

Figure 106 Rogue AP Example

 

187

NWA-3500/NWA-3550 User’s Guide