I recently recevied an AP impersonation alarm. The culprit seems to be a Netgear AP outside of the walls of our office space. I am in our corporate office several states away and we have no IT staff that is local to the location that this is occuring.
What are you all doing when you receive such an alarm? Is it something that I should be seriously concerned with?
Depends if that AP has the same SSID as your network.
Windows wireless clients connect to the last SSID they were on before being shutdown/hibernated. Most Wireless clients do as well, so someone could call any AP the same SSID as your network and try to get your users to connect to their AP to pull whatever information they are after. I would treat this one a little more seriously, even if they don't get any information off your clients.