How to detect a rogue access point wireless network
A Rogue Access Point (AP) is a Wi-Fi access point connected to a network without authorization. In order to protect sensitive data, is essential to avoid the use of unauthorized access points. Like a thief AP is not under the management of network administrators, or need to match policies, network security, unauthorized access points so an attacker can bypass the network security and network to attack or capture sensitiveDate.
monitored in the absence of a wireless sensor for air, security personnel can manually search for rogue APs. An inexpensive but effective way to search for possible villains is to network with a freely available Transmission Control Protocol (TCP) port scanner enabled, TCP port identified by the various connected devices.
The procedure to find a rogue AP to start with the implementation of Port-scanning software from a computer connected to the network.The utility covers all port 80 (HTTP), network interfaces, including points of all Web servers, some printers and almost anyone can access. The AP is usually the port scanner to respond to the name Ping-party and corresponding Internet Protocol (IP).
Once the AP is discovered, it must identify the network administrator, with or without the AP, a rogue. Ideally, the administrator would use a software that would allow a pre-configured list of approvedAccess AP. If you scan for rogue AP is done manually, a list of authorized APs is still required. The approved list may be populated with the following attributes:
MAC address
SSID
Seller
Radio Media Type
ChannelThe cited attributes determined automatically or manually when the software is not used, the instrument detection warning if there are access points with different attributes from the approved list.
As access points are determined to RogueAdministrator must have procedures to identify their positions.
Perhaps the most difficult step in this process, the discovery of the physical location of unauthorized access points is determined. Router table entries can help. A routing table is available on all IP nodes.
The routing table stores information on IP networks and how they can be achieved. Since all nodes perform some type of IP routing, then any node load the TCP / IP has a routing table. If an IP packetto be transmitted, the routing table is used for physical or logical interface is used to determine the package of their destination or next router.
possible with the information from the routing table, an IP address rogue derivatives to determine which node using the address displayed. Note that the position of the nodes must be correlated with the addresses in the routing table. Surgical removal of the limited RF signal may be useful in reducingphysical location of the unauthorized access point as well.
Perhaps the most basic step to protect against unauthorized access point can, with a security policy. A security policy should be an overview of the rules against unauthorized wireless devices and employees should be educated on the policy. This will help users more frequent unauthorized devices, employees.
Computer-network 