Security In Seconds: How Does a Rogue Access Point Affect Network Security?
What is a Rogue Access Point?
A Rogue Access Point is an access point that is installed on the network without authorization. This could be an employee that didn't go through the proper channels, but it could also be an intruder or a disgruntled employee with malicious intent. Unlike an Evil Twin that may only copy network details down to the SSID and password, a Rogue Access Point actually gives access to the network. After an attacker has installed a Rogue Access Point they now have the opportunity to attack remotely from within the network. There are tools that can make it very easy for an attacker to plug a malicious access point into your network in only a few minutes.
How to Spot a Rogue Access Point
Rogue Access points can be detected with the use of a walking audit. Discover all of the access points that are connected to the network and check that they are authorized and legitimate access points. Another option is to install a device like SONAR that constantly monitors the Wi-Fi and alerts on potential threats.
Corey Belanger
Corey is a Security Consultant and leads QA of product development, using his expertise in these dual roles to more effectively test and secure applications, whether while building enterprise applications or while performing penetration tests and vulnerability assessments for customers. An Army veteran with a tour of duty in Afghanistan, Corey has built a post-military career in security while earning Network+, Security+, GIAC Certified Incident Handler, GIAC Python Coder, GIAC Web App Penetration Testing, and GIAC Penetration Tester certifications. Corey is also a BsidesNH organizer and founding member of TechRamp, avenues which he uses to help others build their skills for careers in security and technology. Fun Fact: When not manning a terminal or watching the Bruins, Corey can often be found snowboarding or riding his motorcycle.