Solved

Locating a hidden access point in our facilities

Posted on 2015-01-14
5
144 Views
Last Modified: 2015-01-26
We have a new wireless network in our facilities and the access points are detecting a rogue access point in the building. Apparently someone installed a wireless access point in the past with a hidden ssid and no one knew it was there.  Other then a couple of Android apps I've found, is there any way to locate a hidden broadcasting access point that is most likely not connected to the current network , but yet the radio is working and possibly it's trying to serve dhcp.....  We can isolate it to one part of our facilities because of the current access points it's conflicting with show us the area it's in. But there are a lot of places one could be hidden in this building. Is there something that by signal strength or something of that nature that would help us locate this device?
0
Comment
Question by:holcomb_frank
5 Comments
 
LVL 2

Accepted Solution

by:
NxJNY earned 167 total points
ID: 40548878
0
 
LVL 14

Expert Comment

by:Don Thomson
ID: 40548887
It sounds like one of your Employees has a Smartphone and has turned on WI-Fi hotspot. That allows you to use your Smartphone to turn on a mini wireless router on the phone

I use this all the time when I'm away from the office and need to access a WiFi signal for my laptop.

If you have access to an android Smartphone, download WifFiAnalyzer it should pick up the Wifi hotspot. Once you have identified the SSID  - change the view type to Signal Strength  and start walking around.

You should also put out a memo to all staff to make sure that when they at work - they should make sure that the WiFi Hotspot on their phone is turned off.

If it happens that the signal is coming from outside your offices, and is not password protected, you can use the WiFi Analyzer program to find where it's coming from and ask the owner to put a password on it.
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 167 total points
ID: 40548899
I did an article on locating rogue DHCP servers a while back.  The section on identifying the device may be helpful in determining what device you are looking for, but not where if not physically connected to the network.
http://blog.lan-tech.ca/2012/04/23/rogue-dhcp-servers/
0
 
LVL 45

Assisted Solution

by:Craig Beck
Craig Beck earned 166 total points
ID: 40550071
As DTHConsulting said, walking around with a signal meter is probably going to be the fastest way to locate a rogue AP.  NxJNY has done a great job of pointing you at some good tools to help you.

Your APs should be reporting the MAC address of the rogue, so all you need to do is use a WiFi scanning tool to sniff-out the AP.  Remember, negative values are used for signal-strength, so -91dBm is a weak-to-non-existent signal while -39dBm is a strong signal.
0
 

Author Comment

by:holcomb_frank
ID: 40570760
Well it was never a question of someone's phone working as a hot spot. We had our current wireless network reporting a rogue AP and it had a company name on it so we knew that it was a router placed somewhere in the building. The problem was that no one knew where it was located, and the installer did so not broadcasting the ssid.  I did some research prior to coming to the site here, and I did see the tools mentioned in NxJNY's suggestion, and again in Rob Williams suggestion. And I did try a couple of those tools, but was unsuccessful....Homedale for one.  Eventually, I just started climbing around in the crawl space's looking for power and Ethernet in the same area. I did eventually find a Linksys small business access point tucked away.

Thanks for the suggestions.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Join & Write a Comment

Suggested Solutions

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now