A rogue access point is an AP that is connected to a company’s physical network infrastructure but is not under that company’s administrative control. This could arise if an employee or student naively brought in a home WiFi-enabled router and connected it to the company’s infrastructure to provide wireless network access. This act introduces multiple threat vectors to the company, such as:
- 1.Insecure wireless authentication – the rogue AP might only support a deprecated and insecure encryption standard, such as WEP. Or even worse, be purposefully configured with open association and authentication.
- 2.Inappropriate attachment – the user could also physically attach the AP to a network port in a secure area of the network, or in an area without appropriate firewalling between it and sensitive information.
- 3.Inappropriate location – the AP could be placed close to the perimeter of a building, meaning that someone could listen in on the company’s network.
It’s clear that rogue access points are something we need to protect our business-critical WLAN and networks.