Community discussions

MikroTik App
 
DotTest37
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 56
Joined: Sun Oct 06, 2013 10:01 pm

Rogue AP prevention/detection

Fri Aug 31, 2018 2:58 am

How can I prevent these two issues:
1- Someone connecting an unauthorized Access Point in my network (plugging an ethernet wire on the wall, but with different SSID from mine, using his own NATting).
2- Someone running an Access Point with my SSID (even if not plugged in my ethernet wiring, trying to fool my clients and potentially doing some MITM attack, it could even be across the street )

For "1" I could just allow only authorized MAC addresses in my network, but I guess there might be a better idea.
For "2" , probably I can set some Mikrotik AP for "scanning" and using a script to read the known MAC addresses on my authorized APs, and then report to syslog if a new AP with my SSID is detected, with a different MAC not on my list.

Not ideal solutions,, but thats all I can think for now.
Any suggestions?, how you guys do it? (in a scalable way, without having to walk around with a laptop scanning physical locations)
 
whatever
Member Candidate
Member Candidate
Posts: 149
Joined: Thu Jun 21, 2018 9:29 pm

Re: Rogue AP prevention/detection

Sat Sep 01, 2018 11:17 pm

1. Use physical security on your ports.
2. You cannot prevent anyone from using "your" SSID, but using WPA2+Radius authentification should prevent MITM.

Who is online

Users browsing this forum: No registered users and 28 guests