(1) A wireless access point (AP) installed by an employee without the consent of the IT department. Without the proper security configuration, users have exposed their company's network to the outside world. Ethernet jacks are ubiquitous, and it is a simple task to plug in a Wi-Fi (802.11) access point in order to provide wireless connectivity to anyone in the vicinity. For example, marketing might want wireless access for their traveling sales reps who always bring laptops. Consumer-oriented access points often do not have management interfaces and do not identify themselves on the network.
Rogue access points can be detected by performing a walking audit around the facility with sniffer software in a laptop or PDA. More reliable approaches are to install probes that constantly monitor the wireless network looking for changes or install server software that monitors both wired and wireless sides of the network. See also rogue site.
(2) An access point (AP) set up by an attacker outside a facility with a wireless network. Also called an "evil twin," the rogue AP picks up beacons (signals that advertise its presence) from the company's legitimate AP and transmits identical beacons, which some client machines inside the building associate with. As long as wireless security is enabled, this type of attack cannot compromise the user's machines. However, it can cause harm by slowing down the connections or causing users to lose connections with the real network.
Wireless Intrusion Detection
The BlueSecure RF sensor was designed to detect rogue access points and peer-to-peer (ad hoc) clients as soon as they appear on the network. Used with BlueSecure software, the system scans for a variety of suspicious activities such as war driving attacks. (Image courtesy of Bluesocket Inc., www.bluesocket.com)
Rogue access points can be detected by performing a walking audit around the facility with sniffer software in a laptop or PDA. More reliable approaches are to install probes that constantly monitor the wireless network looking for changes or install server software that monitors both wired and wireless sides of the network. See also rogue site.
(2) An access point (AP) set up by an attacker outside a facility with a wireless network. Also called an "evil twin," the rogue AP picks up beacons (signals that advertise its presence) from the company's legitimate AP and transmits identical beacons, which some client machines inside the building associate with. As long as wireless security is enabled, this type of attack cannot compromise the user's machines. However, it can cause harm by slowing down the connections or causing users to lose connections with the real network.
Wireless Intrusion Detection
The BlueSecure RF sensor was designed to detect rogue access points and peer-to-peer (ad hoc) clients as soon as they appear on the network. Used with BlueSecure software, the system scans for a variety of suspicious activities such as war driving attacks. (Image courtesy of Bluesocket Inc., www.bluesocket.com)
 | Reproduced with permission from Computer Desktop Encyclopedia. Copyright (c) 1981-2009 The Computer Language Company Inc. All rights reserved. |
Additional Resources
- My scareware night and how McAfee lost a customer
- With their Comcast and AT&T dealsMcAfee has a huge market share hereit pretty much does nothing to prevent being infected by these rogue antivirus attacks.I have found Combofix (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)is the most effective tool to remove these things but even that isn't 100%.Usually you will want to rename it before you...
- Discussion threads 2009-11-12
- Weak passwords dominate statistics for Hotmail's phishing scheme leak
- Weak Passwords suckUntil about 4 years ago my organization had no restrictions on passwords. Our students got their birthdays or their phone numbers as passwords and our staff could choose whatever they wanted. Most common staff password was 1234. Well after years of security breaches and administration...
- Discussion threads 2009-10-06
- Samsung M240 (Sprint)
- The same day it introduced the touch-screen Samsung Rogue, Samsung quietly unveiled the Samsung M240. Made for Sprint, the M240 is all about communication. Features are few--you don't even get Bluetooth--and the simple flip-phone design lends itself to making calls. On that front it does a decent job, but its...
- Product reviews 2009-09-16
- The ultimate guide to scareware protection
- Throughout the last two years, scareware fake security software, quickly emerged as the single most profitable monetization strategy for cybercriminals to take advantage of. Due to the aggressive advertising practices applied by the cybercrime gangs, thousands of users fall victim to the scam on a daily...
- Blog posts 2009-09-13
- Should "Standard User" be the default in Windows 7?
- Should "Standard User" be the default in Windows 7?Nopeit's one more example of how MS and usability are mutually exclusive. OS X has been able to implement credential checks effectively.Oh, and just to forestall the inevitable strawman about OS X now being a swiss cheese OS, the purpose of credentials...
- Discussion threads 2009-06-11
- Scareware pops-up at FoxNews
- There have been numerous reports from affected users that a scareware variant of PersonalAntivirus and ExtraAntivirus has been poping-up at FoxNews.com during the last couple of days, through a malvertising campaign. This most recent case of malvertising (MSN Norway serving Flash exploits through malvertising; Fake Antivirus XP...
- Blog posts 2009-04-15
- HP Photosmart Premium Fax All-in-One
- A single-function inkjet photo printer simply can't satisfy the daily needs of today's amateur photo enthusiast. As users discover more creative ways to get their photos on and off the screen, so too must their printers evolve to match these changing trends. HP is fully aware of the transition, and...
- Product reviews 2009-04-09
- Adobe Reader 9 and Acrobat 9 zero day exploited in the wild
- Yesterday, Adobe confirmed the existence of a critical vulnerability affecting Adobe Reader and Acrobat versions 9.0 and earlier, originally detected by the Shadowserver Foundation last week. The onging targeted attacks have since been confirmed by both, Symantec and McAfee urging users to disable JavaScript in Adobe Reader...
- Blog posts 2009-02-20
- Google sponsored links spreading (scareware) rogue AV
- Malware hunters at Websense Security Labs have discovered legitimate Google sponsored links being used to plant scareware programs (rogue anti-virus applications) on the computers of Windows users. In a blow-by-blow description of the rogueware attack, Websense researcher Elad Sharf shows how an innocent Google search for the...
- Blog posts 2008-12-16
- Wired vs. wireless - security vs. speed
- Wired vs. wireless - security vs. speedBut Zack...[i]...the only place in my house that I could get a decent wireless connection was lying on my back with my legs perched against the corner kitchen surface, with my laptop resting precariously on my belly.[/i]...isn't that the position you always assume when...
- Discussion threads 2008-11-27
- News to know: Storm; AMD, Intel; Tech economy reels
- Here are today’s notable headlines. You can get News To Know via email alert and RSS daily: Josh Taylor: Verizon announces BlackBerry Storm availability, pricing Larry Dignan: AMD unveils ‘Shanghai’; Aims to better compete with Intel AMD: Does the resurrection start...
- Blog posts 2008-11-13
- SPAM and the free lunch
- SPAM and the free lunchSIMPLE SOLUTION: Mandatory email server registration!(1) Get rid of "Reply-to:" tags.(2) Mandatory email server registration using credit cards, at yearly rate $2~3 dollars.This will make spammers impossible to operate without being caught.What SPAM is that?During the height of the "bad old days" of spam, I got...
- Discussion threads 2008-11-10
- 'Rogue admin' thought he was protecting network and city
- 'Rogue admin' thought he was protecting network and citysome network admins are just crazyI had a temp job at a major firm once, back when Win98 was standard. I decided to change the wallpaper on my computer once, using an image that was located on a network share to which...
- Discussion threads 2008-07-20
- 'Rogue admin' thought he was protecting network and city
- Paul Venezia at PC World has an exclusive insider account on Terry Childs, the rogue network admin who locked everyone out of the city's network. The story in essence is Childs is an extreme control freak who built and maintained an extremely complex network, perhaps...
- Blog posts 2008-07-20
- Rogue-Base Station Detection in WiMax/802.16 Wireless Access Networks
- This paper addresses to problem of detecting a rogue Base Station BS in WiMax/802.16 wireless access networks. A rogue BS is a malicious station that impersonates a legitimate Access Point AP. The rogue BS attack represents a major denial-of-service threat against wireless networks. This approach is based on the observation...
- White papers 2008-06-16
- Hacking SCADA for terrorism and destruction
- SCADA scares me, and I've seen enough things on the Internet to be desensitized to many things, but attacks against SCADA threaten our national security in a very real and topical way by attacking power grids, water treatment plants, nuclear plants, etc. Hacking networks that SCADA devices reside on and...
- Blog posts 2008-06-12
- Major career web sites hit by spammers attack
- What is the future of spamming next to managed spamming appliances, like the ones already offered for use on demand? It's targeted spamming going beyond the segmentation of the already harvested emails on per country basis, and including other variables such as city of residence, employment history, education, spoken languages,...
- Blog posts 2008-05-12
- Data Loss Prevention Starts at the Endpoint: Seeking Safety From the Data Loss Pandemic
- It's every CIO's nightmare: critical business data lost, stolen or maliciously exposed in a major breach of security systems or policy. It might be sensitive financial data, strategic plans, a new product design, customer account information or patient medical records. The vector of loss might be a stolen laptop, a...
- White papers 2008-04-01
- Say "No!" to bundled apps!
- Say "No!" to bundled apps!Roxio Creator 9 has got to be ....... one of the worst. Not only does it push a laundry list of programs already checked. It installs several DivX programs that aren't even listed with a check box. You can uninstall them later but...
- Discussion threads 2008-01-02
- Wi-Fi piggybackers confess
- Wi-Fi piggybackers confessWi-Fi piggybackers confesswhere i live there are literally hundreds of unsecured wifi networks - and that includes some business networks as well. It is amazing just how careless some people are when it comes to wifi.But what your article fails to mention is that with these unsecured networks...
- Discussion threads 2007-11-17
Neighboring Terms
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- Keep Up With The Latest In Document Management with The DocuMentor.
-
> Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- The best support in the Linux business
-
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
- Learn more >>
- New Online Dashboard for IT Leaders
-
Read about top issues IT decision-makers face every day, plus get cost-effective solutions to real-life IT problems.
- Learn more >>
- Reduce risk. Reduce complexity. Increase reliability.
-
A simplified IT environment isn't just less complex. It's also more reliable. Standardize on a single Linux platform with SUSE Linux Enterprise from Novell, and get the world's most interoperable Linux
- Learn more >>
SmartPlanet
- Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
- More from IBM
-
- How to Drive Better Business Outcomes with Exceptional Web Experiences Download the eBook
- Driving Business Agility through SOA Connectivity & Integration Read the White Paper from IBM
- Linking Decisions and Information for Organizational Performance Read the Tom Davenport study
