Submit a ticketCall us

Have You Auto Renewed? If not, you're missing out.
The SolarWinds Renewal Program comes with a host of benefits including the most recent product updates, 24/7 technical support, virtual instructor-led training and more. Experience all of this with the convenience of Auto Renewal, and never worry about missing any of these great benefits. Learn More.

Home > Success Center > Network Performance Monitor (NPM) > What are rogue Access Points (AP)

What are rogue Access Points (AP)

Table of contents

Updated May 10, 2017

Overview

This article provides information on rogue Access Points (AP). 

 

Environment

Orion Platform version 2012.0

Detail

A rogue AP is a wireless access point that has gained access to a secure enterprise network without an explicit authorization from the network administration team. These unauthorized rogue access points open wireless backdoors to wired networks.

The following are classifications of APs:

  • Unauthorized APs - Introduced by employees within the organization but without any detrimental intent.
  • Insecure APs - Bypass network security owing to airspace proximity.  For example, a WiFi device brought by an employee.
  • Malicious APs -  Actual rogue APs that pose a security threat. Malicious APs are characterized by the following:
    • Skyjacking attack. Vulnerabilities within device access points could be used by remote attackers to convert an authorized AP into rouge by taking full control over it.
    • Planting a malicious rogue AP within the office space disguised as a trusted AP.
    • Rogue APs can also trick MAC addresses used by legitimate APs or try to mimic your own WLAN's SSID

 

While all of these malicious and non-malicious APs need to be monitored, it is the responsibility of the network administrator to ensure the malicious ones are contained and eliminated.

For more information, see the following THWACK discussion:

MONITORING ROGUE ACCESS POINTS IN YOUR WLAN

 

 

 

 

 

 

Last modified

Tags

Classifications

Public