Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 526
  • Last Modified:

wifi rogue networks

can wifi rogue networks be detected by a wireless intrusion detection system(WIDS)? If so, which WIDS(s)?
0
thebw
Asked:
thebw
1 Solution
 
dluetkeCommented:
Hi,
rogue access points can be detected. http://www.wimetrics.com/ has a solution which they call "WiSentry". Here are the features:

    * Detect Wireless AP's from the WIRED network and uniquely identify Rogue Devices
    * Now provide VLAN Mode - optimized to VLAN topologies
    * Provide real-time configurable alerts to network administrators
    * Record information about intrusions for analysis and reporting
    * Are entirely software-based, allowing for easy download, deployment, and risk free evaluation

From another source you can download a whitepaper: http://www.proxim.com/learn/library/whitepapers/Rogue_Access_Point_Detection.pdf

And here is a discussion article from networkworld if this is really needed: http://www.networkworld.com/newsletters/wireless/2004/1115wireless2.html

So, there is a WIDS available .... and not just one ;-)

cheers,
Dirk
0
 
imacgoufCommented:
Hi,

There is a tutorial that help you Track Down Rogue Wireless Access Points
http://www.wi-fiplanet.com/tutorials/article.php/3590551

EXTRACT form above
There are a couple of ways of detecting Rogue APs.
One of the more popular and cost-effective techniques is to have a technician perform manual checks with a laptop or PDA running NetStumbler.

NetStumbler is a tool for detecting all wireless networks within a broadcast area. There are actually two different versions of NetStumbler, and both are downloadable for free at the company's Web site. One version is designed for use with laptops, while the other version (Mini Stumbler) is for use with a Pocket PC. Both versions also support the use of a GPS card. This allows NetStumbler to create a map showing the locations of all the wireless APs within a specified area.

The simplest way to hunt down a Rouge AP is to take a laptop that's running NetStumbler and walk in the direction that produces the greatest signal strength from the questionable access point. You'll soon know if the signal is coming from within your building or from somewhere else. If the signal is coming from your building, you can probably use the signal strength to narrow down your search to a single room. After that, you'll just have to hunt around the room until you find the access point.

......
These techniques should work well enough in a small office, but for larger environments, you should really consider investing in something a bit more specialized. There are a number of proprietary solutions available from a variety of creditable vendors. These vendors will deploy an advanced RF monitoring system into your network that can monitor the air and detect access points. Some have even gone as far as being able to classify if a unauthorized AP is actually plugged into the network and is causing an immediate threat or if it's just the local Starbucks across the street. Many of these systems can be deployed for pennies per square foot.

If you have such an environment, I'd recommend visiting the Aruba Networks Web site. Though not as economical as NetStumbler, (the cost varies according to the size of your network), wireless products from Aruba can help you gain far greater control over your wireless network environment. Products from AirMagnet and AirDefense are also popular choices for wireless network security. These products allow you to track down the rogues based on channel, MAC address, radio band, SSID (define) or vendor. On top of that they can monitor the air 24/7 and send alerts if a rogue is detected. They can also alert you to repeated authentication failures that might signal the presences of a hacker.

Well you can read the complete tutorial above link.

0
 
zyclonixCommented:
Try downloading backtrack and running it from a laptop. Use Kismet on it, it finds all sorts of wireless networks. It's all free and extremely powerful.

You'll need to make sure the laptop has a good spec wireless system to get the most out of it.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now