You can configure your wireless Firebox to detect rogue wireless access points that operate in the same range as your wireless network. A rogue access point is any wireless access point within range of your network that is not recognized as an authorized access point or configured exception in your wireless deployment. A rogue access point can be an unauthorized AP connected to your network by someone inside your organization without consent.
These access points are security risks to your wireless and wired networks if they do not have proper security features enabled. Here are some possible situations:. Employees could bring their own access points to more easily connect mobile devices, iPads, or home laptops to the corporate network.
An annoyed staff member sick of slow corporate Wi-Fi may purchase and install a private wireless device on the wired corporate network. This means system administrators have zero visibility into the security of that wireless environment. Hackers use rogue access points as a simple way to gain access into business systems to capture sensitive data. One tricky way hackers use rogue access points is through evil twins also called Wi-Fi Pineapples. To entice authorized users to connect to the spoofed network.
If the wireless access point looks trusted with the same wireless name and unique digit identifier SSID and MAC address, employee devices may automatically connect to it. Other possible methods of testing for rogue access points include physical component inspections or wireless intrusion detection systems IDS.
Wireless scanning technologies work by building an initial database of access points in the environment, including IP and MAC addresses. Next you connect the router to the modem or a wireless card. Login to rogue access point. Assign static IP to rogue router make sure it dose not conflict with other machines.
Set DNS of rogue router. Test the internet connection of rogue access point. Share this: Twitter Facebook. Like this: Like Loading Leave a Reply Cancel reply Enter your comment here Fill in your details below or click an icon to log in:.
How long will it be before a significant part of the audience connects to his access point? And what if his access point is in fact full of spying tools and other traps? Man In The Middle attacks occurs when a malicious individual manages to master a point of communication between his targets. In our case we can control all the communication between the public space users and the Internet. All the clients connected to your access point have to pass trough the machine to access to the Internet.
It is the same as controlling a router. This peculiar attack cannot allow to directly target someone, instead the attacker waits for people to connect themselves. However, if a special target is in WiFi range and in a public space there are some chances that he will connect to the rogue AP. Rogue access points can be used to steal password, hijack communications, inject malwares into the victims PC.
I personnaly also see a great interest in rogue AP as it is an easy way to enlighten non specialists on threats related to WiFi security and man in the middle issue. The tool we will use to setup a rogue access point is airbase-ng from Aircrack toolsuit. A prerequisite to use most Aircrack tools is to have a Wifi card which can be passed into monitor mode. I personally use an Alfa Awus using Realtek Rtl chipset. Starting a rogue AP is pretty simple. First we put the interface we want in monitor mode using airmon-ng.
0コメント