Professional Documents
Culture Documents
Hemant Chaskar
AirTight Networks
www.AirTightNetworks.com
What is Rogue AP
Unmanaged
Malicious
Commoditization
Wall Jack AP
Pocket AP
Wireless Router
PCMCIA and USB APs
It
Rogue
AP on network =
(logically) LAN jack of
your network hanging
out of the premises
RF
signal spillage of
Rogue AP provides
access to wired
enterprise network from
outside of the premises
Mapping
Scanning
MIM
See
No!
Firewall
Firewall
Firewall
Rogue AP
Office Premises
and LAN
Internet
Firewall
2009, AirTight Networks Inc. All Rights Reserved.
Attacker
No!
You
Rogue
In
If
Rogue AP
Legitimate
user
Rogue APs over bridging laptops
MAC spoofer
No!
Rogue
If
Rogue AP
Legitimate
user
Rogue APs over bridging laptops
MAC spoofer
Sensor
Rogue AP
Locates Rogue AP for easy
See
demonstration video at
http://www.airtightnetworks.com/fileadmin/content_images/
demos/RogueAP-Demo/RogueAP-Demo.html
Various
subnets
2009, AirTight Networks Inc. All Rights Reserved.
No!
Several
Authorized
AP
External
AP
Rogue
AP
Unmanaged APs
(Dynamic Part)
Not connected
to my network
Connected to
my network
If
If
signature packets
between wired and
wireless interfaces
Confirm network
Packet
For
Over
connection to Rogue AP by
transmitting spoofed
disconnection frames
Deauthentication is popularly
Switch
port disable
WIPS Sensor
Rogue AP
Works independent of
Switch
port disable
infrastructure
No interoperability problems
interoperability problems
Conclusion
Rogue
Rogue
Rogue
Sensor
Testing