The Rising Threat of Rogue APs: Are you ready?


Published on

A Rogue Access Point (Rogue AP) is a wireless access point installed on a wired enterprise network without authorization from the network administrator. A Rogue AP may be naively installed by a legitimate user who is unaware of its security implications or it could be deliberately installed as an insider attack. A Rogue AP could also be easily smuggled onto enterprise premises by an outsider. In any case, a Rogue AP poses serious security threat to a wired enterprise network as it provides a wireless backdoor into the enterprise network for outsiders, bypassing all wired security measures such as firewalls and network access control (NAC).

  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

The Rising Threat of Rogue APs: Are you ready?

  1. 1. The Rising Threat of Rogue APs
  2. 2. Rogue AP Usually consumer or home-grade APs is an unauthorized access point connected to the wired enterprise network
  3. 3. Why is Rogue AP such a bad thing?
  4. 4. Carelessly deployed APs can create backdoor entry for malicious outsiders into the corporate LAN as RF signal spills out of the building, makes WiFi network available for all
  5. 5. How to fix Rogue AP problem? Ban Rogue APs
  6. 6. A trusted WiFi AP can also be turned into Rogue AP This happens because of some bug, or 0’day vulnerability present in the Access Point (AP) software
  7. 7. Skyjacking Attack Cisco Lightweight Access Point (LAP) contains a vulnerability that could allow an unauthenticated, remote attacker to convert authorized AP into Rogue by taking full control of it. - countermeasures-2047379
  8. 8. A Rogue AP can also be running on a trusted client device e.g. laptop
  9. 9. Windows 7 Laptop Windows 7 Virtual WiFi Feature Allows a laptop user to run an access point on his/her laptop and simultaneously be connected to another trusted WiFi network through same WiFI client device
  10. 10. Windows 7 Rogue AP scenario Even NAC can’t prevent a Rogue AP running on a trusted laptop A laptop is connected to corporate WiFi LAN and also running a virtual AP allowing a malicious outsider to access corporate LAN
  11. 11. <ul><li>To summarize A Rogue AP </li></ul><ul><ul><ul><li>can be as small as USB drive </li></ul></ul></ul><ul><ul><ul><li>can be your own authorized AP or </li></ul></ul></ul><ul><ul><ul><li>can be running on your own authorized laptop </li></ul></ul></ul>So, The Key Question to ask is
  12. 12. Can we really restrict Rogue APs from connecting to a corporate network ?
  13. 13. Monitor Air Space 24x7, 365 days Yes. We Can !
  14. 14. Wireless Intrusion Prevention System (WIPS) Detect WiFi misuse and attacks Block WiFi misuse and attacks Locate WiFi devices Monitor Air Space 24x7, 365 days and detect, prevent and locate all types of Rogue APs
  15. 15. Eliminate Rogue APs once and for all The Global Leader in Wireless Security Solutions Md Sohail Ahmad [email_address]