rogue access point


Also found in: Dictionary, Medical, Wikipedia.

rogue access point

(1) A wireless access point (AP) installed by an employee without the consent of the IT department. Without the proper security configuration, users have exposed their company's network to the outside world. Ethernet jacks are ubiquitous, and it is a simple task to plug in a Wi-Fi (802.11) access point in order to provide wireless connectivity to anyone in the vicinity. For example, marketing might want wireless access for their traveling sales reps who always bring laptops. Consumer-oriented access points often do not have management interfaces and do not identify themselves on the network.

Rogue access points can be detected by performing a walking audit around the facility with sniffer software in a laptop or mobile device. More reliable approaches are to install probes that constantly monitor the wireless network looking for changes or install server software that monitors both wired and wireless sides of the network. See also rogue site.

(2) An access point (AP) set up by an attacker outside a facility with a wireless network. Also called an "evil twin," the rogue AP picks up beacons (signals that advertise its presence) from the company's legitimate AP and transmits identical beacons, which some client machines inside the building associate with. As long as wireless security is enabled, this type of attack cannot compromise the user's machines. However, it can cause harm by slowing down the connections or causing users to lose connections with the real network.


Wireless Intrusion Detection
The BlueSecure RF sensor was designed to detect rogue access points and peer-to-peer (ad hoc) clients as soon as they appear on the network. Used with BlueSecure software, the system scans for a variety of suspicious activities such as war driving attacks. (Image courtesy of Bluesocket Inc., www.bluesocket.com)
References in periodicals archive ?
Monitoring also verifies that authentication and encryption are being used according to policy by detecting rogue access points, Adhoc station configurations, unintentional associations with neighboring networks, or malicious attempts to disable or circumvent the VPN firewall.
Along with the fully-managed firewall and around-the-clock monitoring and support, SecureConnect also offers a host of additional services like a Breach Protection Program, internal and external vulnerability scanning, endpoint protection, data loss prevention, online PCI training module and rogue access point detection.
A rogue access point provides easy access to the entire network infrastructure--and not just for a serious hacker, but for anyone with a wireless network adapter and an antenna within several miles of the rogue access point.
Making matters worse, the network lacked user authentication and rogue access point detection, creating a security hole and liability for the company.
The combination of robust rogue access point detection with a simple solution to the WEP key problem improves an already strong value proposition for Wavelink's products," says Michael Disabato, wireless technology and network security expert for the Burton Group.
In addition to the fully managed firewall, SecureConnect's packages includes services such as a $100,000 Breach Protection Program, internal vulnerability scanning, endpoint protection, data loss prevention, and rogue access point detection.