A Rogue Access Point is defined as any wireless Access Point that are not part of the network. It might be operating on the same or an adjacent frequency, occupying the spectrum, raising the noise level (co-channel or adjacent interference) and may or may not be a security risk (unclassified, friendly or malicious Rogues). The risk is that unauthorised wireless access points could be used to leak sensitive information, including passwords and cardholder data, outside of the business. This is not sanctioned by the local administrator but is operating on the network anyway. This can be installed by a naïve user that does not have any malicious intent or it could be deliberately installed by internal IT personnel for testing or for some other purpose. It can also be installed by a hacker that is supposedly trying to carry out an attack. A rogue access point provides a wireless backdoor channel into the private network for outsiders. It can bypass network firewalls and other security devices and opens a network to attacks. In any case, a rogue access point can pose a stern security threat to large organisations or even one’s personal home network because anyone accessing this access point can monitor what the private network is accessing like websites, what they’re downloading, or it can even redirect the user to a bogus website that the hacker has made to get vulnerable information. It can also point the user to a website that will make him download a malicious software or program without the user even knowing about it.
Rogue Access Points that are detected during scanning of an organisations network should be classified. If malicious, the Rogue Access Point should be detected and removed from the environment. An administrator should not allow employees to install access points without their authorisation. A regular scan of Wi-Fi access points will also help local network administrators to make sure that nobody has plugged in an access point without permission and detect unauthorised or rogue access points. Another mitigation step is to install network access control on all devices that require authentication for everybody that wants to use any resources on the network.
0 Comment Log in or register to post comments