January 25, 2007

Wireless Networks - A Weapon!

Many in the white hat hacker community regard the wireless network as a weapon that the black hat hacker community can use to enter any organization's secure network. Most of the time the culprit is identified as a rogue access point. A rogue access point is accessible to an employee of the organization, who can access what he wants through it but cannot control or manage the trusted network. Many employees are found to have installed a rogue access point without the network IT department being aware of it. By plugging a rogue access point (normally cheap and easily available in the market) into a network switch with no security features enabled, you are only inviting trouble: any hacker in a nearby location can catch the rogue access point's signal and enter your corporate network by altering the connection settings. This happens when the rogue access point tricks users by masquerading as the trusted access point and allowing them to associate with it and access the internet or any other network, thereby allowing a hacker to watch and access data as the wireless communication runs through the rogue access point.

The only way to remain safe is to stop practicing such unauthorized deployments and, if a rogue device is found, to make sure it is switched off. Ensure corporate policies are in place and every user is warned to follow them strictly.

How to prevent getting hacked

  • A strict corporate policy describing the usage terms
  • We need to make sure physical security is implemented using switches
  • Secured and supported WLAN infrastructure
  • Edge switches must be configured to secure their ports for any 802.1X traffic

Most commonly, a switch must be configured to allow a limited number of MAC addresses per port, thereby preventing it from passing unauthenticated traffic originating from the rogue access point's MAC. But not many people prefer this option, as it would also block the network cards of the clients accessing the network through a rogue access point.

How to detect a rogue access point

  • Use wireless analyzers or packet sniffers
  • Make sure you use scripted tools on the wired network which will monitor
    • MAC addresses
    • OS fingerprinting
    • Simple Network Management Protocol (SNMP)
    • Intrusion detection

    That's not all: there are lots of other tools that can be used to facilitate rogue access point detection from wired management workstations through the Ethernet port.

  • A routine check on the WLAN access point usage and placement
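
As an added example (not part of the original post), here is one way a scripted wired-side MAC check could look: it parses a switch MAC address table and flags access ports that exceed a per-port MAC limit, carry MACs missing from the inventory, or show an access point vendor prefix. The table text, inventory, uplink list, limit and vendor prefix are all constructed assumptions for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the style of a switch MAC address table dump.
SAMPLE_TABLE = """\
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  10    0011.2233.4401    DYNAMIC     Gi0/1
  10    00aa.bb00.0001    DYNAMIC     Gi0/3
  10    0011.2233.4403    DYNAMIC     Gi0/3
  10    0011.2233.4405    DYNAMIC     Gi0/24
  10    0011.2233.4406    DYNAMIC     Gi0/24
"""

# Assumptions for this example: every value below is hypothetical.
AUTHORIZED_MACS = {"001122334401", "001122334405", "001122334406"}
UPLINK_PORTS = {"Gi0/24"}      # uplinks legitimately carry many MACs
MAX_MACS_PER_PORT = 1          # one device expected per access port
AP_VENDOR_OUIS = {"00aabb"}    # constructed prefix standing in for AP vendors
ROW = re.compile(r"^\s*(\d+)\s+([0-9a-fA-F.:-]{12,17})\s+(\w+)\s+(\S+)\s*$")

def normalize(mac):
    # Reduce any common MAC notation to 12 lowercase hex digits.
    return re.sub(r"[^0-9a-f]", "", mac.lower())

def parse_table(text):
    # Map each port to the set of MACs learned on it; skip header lines.
    ports = defaultdict(set)
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            ports[m.group(4)].add(normalize(m.group(2)))
    return ports

def find_suspect_ports(text):
    # Return {port: [reasons]} for access ports that look like they host an AP.
    findings = {}
    for port, macs in parse_table(text).items():
        if port in UPLINK_PORTS:
            continue
        reasons = []
        if len(macs) > MAX_MACS_PER_PORT:
            reasons.append(f"{len(macs)} MACs on access port")
        unknown = sorted(macs - AUTHORIZED_MACS)
        if unknown:
            reasons.append("unknown MAC(s): " + ", ".join(unknown))
        if any(mac[:6] in AP_VENDOR_OUIS for mac in macs):
            reasons.append("AP vendor OUI seen")
        if reasons:
            findings[port] = reasons
    return findings
```

On the sample table only Gi0/3 is reported: the second MAC on that port is a wireless client bridged through the access point, the same client traffic a per-port MAC limit would block.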

In short, the prevention and detection of rogue access points differs with every method implemented, and it is always advisable for network designers to use a combination of these prevention and detection tools for their network. Good use of both prevention and detection tools gives network designers a comprehensive toolkit that will eventually assist in catching a rogue access point.
