Rogue Access Points


It’s common security practice for a company to make sure all their wireless access points are secured. After all, the range of a wireless access point can potentially extend to a physical area outside of the company’s control. This means that no matter how hard you try to prevent people from trespassing onto the company’s physical property, they may still be able to trespass onto the network. What many administrators don’t realize, however, is that no matter how highly-secured a company’s access points are, that’s not enough to protect them from one particular wireless network-related danger—one that applies even to companies that don’t use wireless networking.

The fact is that not every wireless access point connected to a company’s network is necessarily controlled by the company. Sometimes an employee may want to connect his or her own device, such as a smartphone or tablet, to the Internet via Wi-Fi. However, if the company doesn’t use Wi-Fi, or if it does but has configured it in a way that prevents employees from connecting their own devices, the employee may see this as a problem. The obvious “solution” to this problem? Bring an access point from home and hook it up to the company’s wired network.

Obviously an employee who, while not actively malicious, doesn’t respect the company’s security policy (which, unfortunately, not all do) will have no problem doing this. But many employees simply don’t realize that it’s a problem. Because of this, it’s important to have a policy prohibiting employees from bringing their own access points, and to make sure every employee is aware of this policy.

Of course, not every rogue access point exists for this reason. Sometimes one may be surreptitiously installed by an employee for the specific purpose of enabling intruders to access the company’s network. Perhaps the employee was somehow coerced into doing so. He or she may even be a member of a black-hat group, working undercover as an employee of the company.

How do you protect against this? No matter how well an access point is hidden, it must still produce a signal in order to do its job. There are intrusion prevention systems that can detect these access points from their signals. Checking the list of found wireless networks on a Wi-Fi connected device is not enough, because a wireless network can be hidden so it does not appear in this list. A specialized system, however, can detect these access points, so you can begin your investigation.
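The comparison such a system performs can be sketched as follows. This is an added example, not code from the original article or from any particular product: the `Beacon` record, the `AUTHORIZED` inventory, the sample observations and the `min_rssi` triage threshold are all assumptions made for illustration. It relies on the fact that a hidden network still transmits beacons, only with an empty or all-NUL SSID field, so it remains visible by its BSSID.

```python
from dataclasses import dataclass

# Hypothetical inventory of company-managed access points (BSSID -> SSID).
AUTHORIZED = {"02:00:00:aa:00:01": "CorpNet", "02:00:00:aa:00:02": "CorpNet"}

@dataclass(frozen=True)
class Beacon:
    bssid: str     # radio MAC address of the access point
    ssid: bytes    # raw SSID field from the beacon frame
    rssi_dbm: int  # signal strength seen by the sensor

def is_hidden(ssid: bytes) -> bool:
    # A hidden network still beacons, but with an empty or all-NUL SSID.
    return len(ssid) == 0 or set(ssid) == {0}

def classify(beacons, authorized=AUTHORIZED, min_rssi=-75):
    """Return {bssid: reason} for unmanaged APs heard at or above min_rssi."""
    strongest = {}
    for b in beacons:
        key = b.bssid.lower()
        if key not in strongest or b.rssi_dbm > strongest[key].rssi_dbm:
            strongest[key] = b  # keep the strongest sighting per radio
    managed_ssids = set(authorized.values())
    findings = {}
    for bssid, b in strongest.items():
        if bssid in authorized or b.rssi_dbm < min_rssi:
            continue  # managed AP, or too weak to prioritise (assumed threshold)
        if is_hidden(b.ssid):
            findings[bssid] = "hidden-ssid"
        elif b.ssid.decode("utf-8", "replace") in managed_ssids:
            findings[bssid] = "unmanaged-ap-using-company-ssid"
        else:
            findings[bssid] = "unmanaged-ap"
    return findings

# Constructed sample observations, not real capture data.
SAMPLE = [
    Beacon("02:00:00:aa:00:01", b"CorpNet", -48),
    Beacon("02:00:00:bb:00:10", b"", -52),
    Beacon("02:00:00:bb:00:11", b"\x00" * 7, -60),
    Beacon("02:00:00:cc:00:20", b"CorpNet", -55),
    Beacon("02:00:00:dd:00:30", b"CoffeeShop", -88),
    Beacon("02:00:00:EE:00:40", b"HomeRouter", -50),
]

if __name__ == "__main__":
    for bssid, reason in sorted(classify(SAMPLE).items()):
        print(bssid, reason)
```

Each finding is only a starting point for the investigation: confirming that the radio is actually attached to the company's wired network requires a separate check on the wired side.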