Solved: APs being Rogue Contained

tdorsey123 · ‎04-18-2016

Not sure why it's so prolific now, but more than a few companies have reached out to me because their WAPs are being contained by nearby neighbors via MAC spoofing. Anyone have a preferred way to hunt this kind of thing down? I know Fluke has one of their scanners with directional antennas but is there another way to find the containment system?(Assume that the APs being contained don't provide clues to direction and customer is too lazy to go pamphlet their neighbors)

ali aqrabawi · ‎04-19-2016

no way to avoid this without asking the neighbors to correct their settings ,

i believe the containment rule they have is RSSI threshold , which is not controllable and could varies from time to time , if the neighbors have this rule they should correct this , also they shuold

know that containment is illegal on other network unless its attacker/milisous AP , i think this should be enough to convince them :-)

View solution in original post

ali aqrabawi · ‎04-19-2016

no way to avoid this without asking the neighbors to correct their settings ,

i believe the containment rule they have is RSSI threshold , which is not controllable and could varies from time to time , if the neighbors have this rule they should correct this , also they shuold

know that containment is illegal on other network unless its attacker/milisous AP , i think this should be enough to convince them :-)