Rogue Access Points

Posted on 2011-10-05
Last Modified: 2013-12-27
Hi is there a way to scan for rogue access points and possibly block someone from plugging one into a network?  I use Cisco Switches, unsure if there is a command to prevent this.

Question by:Jack_son_
    LVL 29

    Expert Comment

    by:Randy Downs
    Your best defense is disabling DHCP. Then they would have to be abale to setup as a static ip.
    LVL 29

    Expert Comment

    by:Randy Downs
    You could try some of these to see if you detect unknown devices
    LVL 9

    Expert Comment

    You could use a product like GFI LANGuard or SolarWinds User Device Tracker. These do more detection and auditing, but that is an important first step. Once you get an alert that rogue device has been plugged in, you can go in a disable that port in your switch or go unplug it manually.

    To help minimize that risk on secure networks such has hospitals, all ports that are not currently in use are disabled, and a request to IT must be made to turn it on. May be overkill or not possible for you though, depends on your managements attitude usually.
    LVL 6

    Expert Comment

    Fortinet has some devices which will detect and then interfere with rogue access points, while providing you with controlled wireless.  You can control with APs are OK, and then interfere with the others so they don't get used.
    LVL 16

    Expert Comment

    You could also setup port security on the access ports of your cisco switches. This limits the number of MAC addresses that can access a switch port.

    See for details.

    Author Comment

    I wont be able to spend any money.  If you use port access, or the switch, could i block netgear and linksys mac addresses somehow?  
    LVL 16

    Accepted Solution

    Without getting a full database of all allocated MAC addresses, I don't knwo how you could ahcieve this. Another tech you could investigate is 802.1X. See for more details. I think you can use your Windows servers as the server and integrate it with AD.

    Featured Post

    Give your grad a cloud of their own!

    With up to 8TB of storage, give your favorite graduate their own personal cloud to centralize all their photos, videos and music in one safe place. They can save, sync and share all their stuff, and automatic photo backup helps free up space on their smartphone and tablet.

    Join & Write a Comment

    Suggested Solutions

    Title # Comments Views Activity
    Asymmetric Routing (Firewall) 3 40
    Sonicwall AP 3 40
    network + video series 4 39
    IPhone using PC internet 17 19
    In this article we have discussed about the OS X EI Capitan and how to fix Wi-Fi issue in OS X El Capitan. We have explained how to delete system level preferences and create a new Wi-Fi location to resolve Wi-Fi issue.
    This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
    This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now