Solved

Locating a hidden access point in our facilities

Posted on 2015-01-14
5
156 Views
Last Modified: 2015-01-26
We have a new wireless network in our facilities and the access points are detecting a rogue access point in the building. Apparently someone installed a wireless access point in the past with a hidden ssid and no one knew it was there.  Other then a couple of Android apps I've found, is there any way to locate a hidden broadcasting access point that is most likely not connected to the current network , but yet the radio is working and possibly it's trying to serve dhcp.....  We can isolate it to one part of our facilities because of the current access points it's conflicting with show us the area it's in. But there are a lot of places one could be hidden in this building. Is there something that by signal strength or something of that nature that would help us locate this device?
0
Comment
Question by:holcomb_frank
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 2

Accepted Solution

by:
NxJNY earned 167 total points
ID: 40548878
0
 
LVL 14

Expert Comment

by:Don Thomson
ID: 40548887
It sounds like one of your Employees has a Smartphone and has turned on WI-Fi hotspot. That allows you to use your Smartphone to turn on a mini wireless router on the phone

I use this all the time when I'm away from the office and need to access a WiFi signal for my laptop.

If you have access to an android Smartphone, download WifFiAnalyzer it should pick up the Wifi hotspot. Once you have identified the SSID  - change the view type to Signal Strength  and start walking around.

You should also put out a memo to all staff to make sure that when they at work - they should make sure that the WiFi Hotspot on their phone is turned off.

If it happens that the signal is coming from outside your offices, and is not password protected, you can use the WiFi Analyzer program to find where it's coming from and ask the owner to put a password on it.
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 167 total points
ID: 40548899
I did an article on locating rogue DHCP servers a while back.  The section on identifying the device may be helpful in determining what device you are looking for, but not where if not physically connected to the network.
http://blog.lan-tech.ca/2012/04/23/rogue-dhcp-servers/
0
 
LVL 46

Assisted Solution

by:Craig Beck
Craig Beck earned 166 total points
ID: 40550071
As DTHConsulting said, walking around with a signal meter is probably going to be the fastest way to locate a rogue AP.  NxJNY has done a great job of pointing you at some good tools to help you.

Your APs should be reporting the MAC address of the rogue, so all you need to do is use a WiFi scanning tool to sniff-out the AP.  Remember, negative values are used for signal-strength, so -91dBm is a weak-to-non-existent signal while -39dBm is a strong signal.
0
 

Author Comment

by:holcomb_frank
ID: 40570760
Well it was never a question of someone's phone working as a hot spot. We had our current wireless network reporting a rogue AP and it had a company name on it so we knew that it was a router placed somewhere in the building. The problem was that no one knew where it was located, and the installer did so not broadcasting the ssid.  I did some research prior to coming to the site here, and I did see the tools mentioned in NxJNY's suggestion, and again in Rob Williams suggestion. And I did try a couple of those tools, but was unsuccessful....Homedale for one.  Eventually, I just started climbing around in the crawl space's looking for power and Ethernet in the same area. I did eventually find a Linksys small business access point tucked away.

Thanks for the suggestions.
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
CISCO wireless controller & AP 2 32
Question about Buffalo NAS devices 4 48
No IP Address Assigned to VM 10 83
Problems with VPN 4 18
Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question