How to Detect a Rogue Access Point on Your WIFI Network

Fraud access point (AP) is any Wi-Fi access access point that is connected to the network without authorization. To protect sensitive data, it is important to prevent the use of unauthorized access points. Because unauthorized access access points are not managed by network administrators and are not necessarily adhered to by the Network Security Guidelines, unwanted access points can bypass attackers bypassing network security and attacking the network or sensitive Can collect data. read more: https://funnywifipuns.wordpress.com/2020/05/29/10-tips-for-making-your-wifi-broadband-faster/

In the absence of a wireless probe to monitor radio waves, security personnel can manually detect unwanted APs. An inexpensive but effective way to detect potential crooks is to use the freely available Transmission Control Protocol (TCP) port scanner, which identifies the active TCP ports of various devices connected to the network.

The move to detect an unauthorized AP begins by running port scanner software from a computer connected to the network. The utility displays all HTTP interfaces (port 80) on the network, including all web servers, some printers, and nearly all access points. The AP usually responds to the ping of the port scanner with the manufacturer's name and corresponding IP (Internet Protocol) address.

After an AP is found, the network administrator must determine whether the AP is a scam. Ideally, the administrator will use software that enables a pre-configured authorized list of AP accesses. If scanning for unwanted APs is done manually, a list of authorized APs is still required. The official list can be filled with the following features:

MAC address SSID The seller Radio media type Channel The above features, which are determined automatically or manually when no software is used, alert the detection tool when there are access points with various features from the official list. When unauthorized access points are detected, administrators must have procedures in place to identify their locations.

Perhaps the most difficult step in this discovery process is to determine the physical location of the unauthorized access point. Router table entries can be helpful. Routing tables are available on all IP nodes.

IP network information and their availability are stored in routing tables. Because all nodes perform some form of IP routing, each node loading the TCP / IP protocol has a routing table. When forwarding IP packets, routing tables are used to determine the physical or logical interface to which the packet is sent to its destination or the next router.

With the information obtained from the routing table, unwanted IP addresses can be determined by which node address to use. Note that the positions of the nodes must correspond to the addresses of the routing table. The limited operating distance of the RF signal can also be useful in compressing the physical location of unwanted access points.

Perhaps the most basic step in protecting against fake access points is the security policy. The security policy should outline the rules for unauthorized wireless devices, and make employees aware of the policy. This will help prevent the most common unauthorized device users, employees.