Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Detect Rogue Wireless Access Points

Short of locking down every network port on my LAN I am looking for a solution to detect unauthorized Wireless Access Points (i.e. Home Wireless Routers) from being connected to the LAN.

Thanks

Sigh

7 REPLIES
Cisco Employee

Re: Detect Rogue Wireless Access Points

Hi Sigh,

Are you using controller based architecture?

Ankur

New Member

Re: Detect Rogue Wireless Access Points

I am currently not using any Wireless technology. A LAN mainly with c2950s and 4507s. I am looking to avoid users connecting wireless routers to the LAN.

Silver

Re: Detect Rogue Wireless Access Points

You might consider deploying a network of lightweight access points throughout your facility along with a wireless LAN controller and WCS with location.

You can deploy the APs as wireless detection mechanisms only and be alerted when other rogue wireless equipment is activated.

However, I would also suggest that if you have installed this system, the infrastructure that you have installed could also carry wirelss traffic while it scans for rogue equipment at the same time.

- John

Please rate helpful posts.

Bronze

Re: Detect Rogue Wireless Access Points

Airmagnet laptop is a wonderful tool for this and it will even find them for you as well.

You do have to walk the entire building or whatever, but you will find every one of them that is turned on.

When you do find one yank it out of the wall and bash it with a hammer and leave the pieces on the offenders desk. Then send a memo out that any future attempts to compromise the network will result in the death penalty. You can modify this tactic for your specific situation but education of why its bad and fear of reprocussions is the only way to stop it.

New Member

Re: Detect Rogue Wireless Access Points

if you are not looking to implement your own wireless network then you can look towards a few different companies that sell wireless "sensor" aps that tie back to a server, they offer wireless scanning of rogue devices as well as wired scanning and have the capability of doing an automatic shut on the physical switchport of the offending device. Airmagnet which was mentioned previously has their Enterprise Server solution and there is also Air Defense. There are also some other companies but those are the top 2 players.... if you are interested in deploying your own wireless infrastructure then i would look toward controller based to get the dual feature set.

Re: Detect Rogue Wireless Access Points

Not to be the lazy guy in this thread, but if you do not have any sort of wireless presence just take a look at "SwitchMap" its an open source piece of software. Goes out and grabs the mac addresses of whats connected to your switches... Check it daily or setup a script to do it for you... And there you have a cheap, easy, and lazy solution. =)

Re: Detect Rogue Wireless Access Points

one aspect i left out, do a google for 'OUI' and first hit will be for the IEEE website where you can plug snag all the addresses for netgear, dlink, linksys etc. Good luck and good hunting.

306
Views
0
Helpful
7
Replies