Our dormitories come pre-wired with Ethernet connections, for which the students pay a small monthly fee. To get around the
fee, some students are installing Wi-Fi access points and sharing their Internet connection with their roommates and other
friends - for free. How can I stop this? Thanks.
- Dwight Smith
This has serious implications for your network. In a situation I came across recently at a smaller private college, a majority of the access points I found were just unpacked, plugged in and turned on, with no security settings at all, allowing someone to drive by and hop on the network. You will need to attack this from several perspectives. The first is a matter of policy. You and your department head should draft a policy stating that access points may be connected only with the approval of your department and that they must meet certain criteria. This will give you some teeth to enforce the removal of access points from your network.
Next, consider implementing something like Netreg. This is an open-source IP management solution that is specifically targeted at educational institutions. It sets up a DHCP/DNS server that prevents "unregistered" devices from going anywhere on your network. It gives them an IP address that won't travel outside of your network or be able to access any of your servers. You configure how the users can authenticate: against a POP or FTP server, or using Microsoft's Active Directory or LDAP. You will want to configure your firewall so it blocks any outgoing requests from any IP address on your network other than the range given out by Netreg to authenticated users.
There are several tools in the open-source community that can help you find the rogue access points on your network. The first is Netstumbler. It is available on either a PC or Windows CE PDA platform, and gives you a sneak peek at the wireless activity on your network. This will show you the access points that have been left at default settings. If some students have disabled SSID broadcasting or turned up additional security, you may need to attack this from a different angle. Nessus is an open-source vulnerability scanner that runs on Linux. There are several how-to documents available that show you how to use Nessus to look for access points on your net. If you look closely on Sourceforge.net, you should find several bootable CD Linux distros that have even more wireless tools available that can help you identify and find access points.
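The firewall rule described in the Netreg paragraph, modeled as an added example (not code from the column or from Netreg): it decides each flow by source range and counts denied flows per unregistered source. The address ranges, the registration host and the "src dst" record format are assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter

# Assumed addressing plan (constructed for this example, not from the article).
CAMPUS = ipaddress.ip_network("10.20.0.0/16")       # every address on the campus network
REGISTERED = ipaddress.ip_network("10.20.64.0/18")  # range leased to authenticated users
SERVERS = ipaddress.ip_network("10.20.1.0/24")      # campus servers
REG_HOST = ipaddress.ip_address("10.20.1.5")        # registration page, must stay reachable

def decide(src, dst):
    """Verdict for one flow under the policy described in the text."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if s not in CAMPUS:
        return "out-of-scope"   # policy only covers traffic sourced on campus
    if s in REGISTERED:
        return "allow"          # authenticated user
    if d == REG_HOST:
        return "allow"          # unregistered device reaching the sign-up page
    if d not in CAMPUS:
        return "drop-egress"    # unregistered source trying to leave the network
    if d in SERVERS:
        return "drop-server"    # unregistered source reaching for a server
    return "allow"              # unregistered, local segment only

def audit(flow_lines):
    """Count denied flows per source address from 'src dst' lines."""
    denied = Counter()
    for line in flow_lines:
        try:
            src, dst = line.split()
            verdict = decide(src, dst)
        except ValueError:
            continue            # skip malformed records
        if verdict.startswith("drop"):
            denied[src] += 1
    return denied

# Constructed sample flow records (source destination).
SAMPLE = [
    "10.20.70.15 198.51.100.7",   # registered user going out
    "10.20.200.9 198.51.100.7",   # unregistered, outbound
    "10.20.200.9 10.20.1.10",     # unregistered, file server
    "10.20.200.9 10.20.1.5",      # unregistered, registration page
    "10.20.200.9 203.0.113.5",    # unregistered, outbound again
    "garbage line here",          # malformed record, ignored
]

if __name__ == "__main__":
    print(audit(SAMPLE).most_common())
```

Sources that keep showing up in the denied count are the unregistered devices worth tracing back to a switch port.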