wifi rogue networks

can wifi rogue networks be detected by a wireless intrusion detection system(WIDS)? If so, which WIDS(s)?
thebwAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

dluetkeCommented:
Hi,
rogue access points can be detected. http://www.wimetrics.com/ has a solution which they call "WiSentry". Here are the features:

    * Detect Wireless AP's from the WIRED network and uniquely identify Rogue Devices
    * Now provide VLAN Mode - optimized to VLAN topologies
    * Provide real-time configurable alerts to network administrators
    * Record information about intrusions for analysis and reporting
    * Are entirely software-based, allowing for easy download, deployment, and risk free evaluation

From another source you can download a whitepaper: http://www.proxim.com/learn/library/whitepapers/Rogue_Access_Point_Detection.pdf

And here is a discussion article from networkworld if this is really needed: http://www.networkworld.com/newsletters/wireless/2004/1115wireless2.html

So, there is a WIDS available .... and not just one ;-)

cheers,
Dirk
0
imacgoufCommented:
Hi,

There is a tutorial that help you Track Down Rogue Wireless Access Points
http://www.wi-fiplanet.com/tutorials/article.php/3590551

EXTRACT form above
There are a couple of ways of detecting Rogue APs.
One of the more popular and cost-effective techniques is to have a technician perform manual checks with a laptop or PDA running NetStumbler.

NetStumbler is a tool for detecting all wireless networks within a broadcast area. There are actually two different versions of NetStumbler, and both are downloadable for free at the company's Web site. One version is designed for use with laptops, while the other version (Mini Stumbler) is for use with a Pocket PC. Both versions also support the use of a GPS card. This allows NetStumbler to create a map showing the locations of all the wireless APs within a specified area.

The simplest way to hunt down a Rouge AP is to take a laptop that's running NetStumbler and walk in the direction that produces the greatest signal strength from the questionable access point. You'll soon know if the signal is coming from within your building or from somewhere else. If the signal is coming from your building, you can probably use the signal strength to narrow down your search to a single room. After that, you'll just have to hunt around the room until you find the access point.

......
These techniques should work well enough in a small office, but for larger environments, you should really consider investing in something a bit more specialized. There are a number of proprietary solutions available from a variety of creditable vendors. These vendors will deploy an advanced RF monitoring system into your network that can monitor the air and detect access points. Some have even gone as far as being able to classify if a unauthorized AP is actually plugged into the network and is causing an immediate threat or if it's just the local Starbucks across the street. Many of these systems can be deployed for pennies per square foot.

If you have such an environment, I'd recommend visiting the Aruba Networks Web site. Though not as economical as NetStumbler, (the cost varies according to the size of your network), wireless products from Aruba can help you gain far greater control over your wireless network environment. Products from AirMagnet and AirDefense are also popular choices for wireless network security. These products allow you to track down the rogues based on channel, MAC address, radio band, SSID (define) or vendor. On top of that they can monitor the air 24/7 and send alerts if a rogue is detected. They can also alert you to repeated authentication failures that might signal the presences of a hacker.

Well you can read the complete tutorial above link.

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
zyclonixCommented:
Try downloading backtrack and running it from a laptop. Use Kismet on it, it finds all sorts of wireless networks. It's all free and extremely powerful.

You'll need to make sure the laptop has a good spec wireless system to get the most out of it.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.