[157317] in North American Network Operators' Group
Re: Detection of Rogue Access Points
daemon@ATHENA.MIT.EDU (Roy)
Mon Oct 15 11:54:39 2012
Date: Mon, 15 Oct 2012 08:54:25 -0700
From: Roy <r.engehausen@gmail.com>
CC: nanog@nanog.org
In-Reply-To: <CAC47Z9mdNQeoxz=4xH0hxJkMu+S2qjfgMusFe9GZf4z9o8ex5w@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Why not give them wireless Internet access only? That will keep all the
smartphone users happy.

On 10/15/2012 8:12 AM, Jonathan Rogers wrote:
> Well, quite frankly they have the tools they need. Our remote sites do not
> have any devices that require wireless. They don't have company-issued
> laptops, and personal laptops are not allowed. The policy is on the books
> but it isn't my department to make sure people know about it and follow it.
> Our end users at these branch offices are typically not very technically
> inclined and have no idea what a security risk this is (especially
> considering that we have EPHI on our network, although I can't really say
> more in detail than that). The person who put in the WAP I discovered
> doesn't even work for us any more.
>
> Port-based security might work, but our edge switches are total garbage
> (don't get me started, not in my control). I didn't find this WAP via
> nmap...it didn't show up. I believe it probably didn't have a valid
> management interface IP for some reason. We saw suspicious entries in the
> router's ARP table and started looking around the office from there.
>
> --JR
>
> ...
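
One way to automate the ARP-table check mentioned in the quoted message, as an added example that is not part of the original thread. It assumes Cisco IOS-style `show ip arp` output and a hypothetical per-site MAC inventory; the two heuristics (MAC not in inventory, one MAC holding several IPs) are assumptions about what "suspicious" could mean, and all addresses are constructed.

```python
import re
from collections import defaultdict

# Constructed sample of Cisco IOS-style `show ip arp` output (not from the thread).
SAMPLE_ARP = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.20.30.1              -   0000.5e00.5301  ARPA   Vlan30
Internet  10.20.30.11            12   0000.5e00.5311  ARPA   Vlan30
Internet  10.20.30.12             3   0000.5e00.5312  ARPA   Vlan30
Internet  10.20.30.57             1   0000.5e00.53aa  ARPA   Vlan30
Internet  10.20.30.58             0   0000.5e00.53aa  ARPA   Vlan30
Internet  10.20.30.90             7   0000.5e00.53bb  ARPA   Vlan30
"""

# Hypothetical asset inventory for the branch: MACs that are expected on the LAN.
KNOWN_MACS = {"0000.5e00.5301", "0000.5e00.5311", "0000.5e00.5312"}

ARP_LINE = re.compile(
    r"^Internet\s+(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+(?P<age>-|\d+)\s+"
    r"(?P<mac>[0-9a-fA-F]{4}\.[0-9a-fA-F]{4}\.[0-9a-fA-F]{4})\s+ARPA\s+(?P<intf>\S+)"
)

def parse_arp(text):
    """Yield (ip, mac, interface) per complete ARP entry; header and incomplete rows are skipped."""
    for line in text.splitlines():
        m = ARP_LINE.match(line.strip())
        if m:
            yield m["ip"], m["mac"].lower(), m["intf"]

def audit_arp(text, known_macs):
    """Return findings: MACs missing from the inventory, and MACs mapped to several IPs."""
    known = {m.lower() for m in known_macs}
    ips_by_mac = defaultdict(set)
    for ip, mac, _intf in parse_arp(text):
        ips_by_mac[mac].add(ip)
    findings = []
    for mac, ips in sorted(ips_by_mac.items()):
        if mac not in known:
            findings.append(("unknown-mac", mac, sorted(ips)))
        if len(ips) > 1:
            findings.append(("multi-ip", mac, sorted(ips)))
    return findings

if __name__ == "__main__":
    for kind, mac, ips in audit_arp(SAMPLE_ARP, KNOWN_MACS):
        print(f"{kind:12} {mac}  {', '.join(ips)}")
```

Because this reads the router's own ARP cache, it can surface a device that has no reachable management IP and so does not answer a scan.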