cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
742
Views
0
Helpful
7
Replies

Detect Rogue Wireless Access Points

Sighclops
Level 1
Level 1

Short of locking down every network port on my LAN I am looking for a solution to detect unauthorized Wireless Access Points (i.e. Home Wireless Routers) from being connected to the LAN.

Thanks

Sigh

7 Replies 7

ankbhasi
Cisco Employee
Cisco Employee

Hi Sigh,

Are you using controller based architecture?

Ankur

I am currently not using any Wireless technology. A LAN mainly with c2950s and 4507s. I am looking to avoid users connecting wireless routers to the LAN.

You might consider deploying a network of lightweight access points throughout your facility along with a wireless LAN controller and WCS with location.

You can deploy the APs as wireless detection mechanisms only and be alerted when other rogue wireless equipment is activated.

However, I would also suggest that if you have installed this system, the infrastructure that you have installed could also carry wirelss traffic while it scans for rogue equipment at the same time.

- John

Please rate helpful posts.

Airmagnet laptop is a wonderful tool for this and it will even find them for you as well.

You do have to walk the entire building or whatever, but you will find every one of them that is turned on.

When you do find one yank it out of the wall and bash it with a hammer and leave the pieces on the offenders desk. Then send a memo out that any future attempts to compromise the network will result in the death penalty. You can modify this tactic for your specific situation but education of why its bad and fear of reprocussions is the only way to stop it.

philip_hoopman
Level 1
Level 1

if you are not looking to implement your own wireless network then you can look towards a few different companies that sell wireless "sensor" aps that tie back to a server, they offer wireless scanning of rogue devices as well as wired scanning and have the capability of doing an automatic shut on the physical switchport of the offending device. Airmagnet which was mentioned previously has their Enterprise Server solution and there is also Air Defense. There are also some other companies but those are the top 2 players.... if you are interested in deploying your own wireless infrastructure then i would look toward controller based to get the dual feature set.

Not to be the lazy guy in this thread, but if you do not have any sort of wireless presence just take a look at "SwitchMap" its an open source piece of software. Goes out and grabs the mac addresses of whats connected to your switches... Check it daily or setup a script to do it for you... And there you have a cheap, easy, and lazy solution. =)

one aspect i left out, do a google for 'OUI' and first hit will be for the IEEE website where you can plug snag all the addresses for netgear, dlink, linksys etc. Good luck and good hunting.

Review Cisco Networking for a $25 gift card