How can I make sure that a rogue access point has not been secreted somewhere on my network? I could label all the access points with a number then look at the connected devices in the router settings. But that requires human intervention. How do large network admins deal with this problem? I suppose it’s automated somehow.
https://nmap.org/book/osdetect-find-rogue-ap.html
Good APs have scanning for this built in, and a lot of admin products do too
https://www.sans.org/reading-room/whitepapers/detection/paper/1866
assuming its an active listener or active program.
nmap with its scripts. is good for active vuln scanning.
that being said.
sometimes it can just be an entry in a cron job or a hook inserted into a program that you need to run before a listener/dialer starts and makes a remote connection.
some hacks will stay dormant until a flag is triggered then spin up a listener/dialer when a specified event happens.
you would only catch this kind of exploit if you have something constantly looking, like glasswire or similar monitoring tools. its not the most effective approach as your waiting for something to happen then.
if your a business, then there are companies you can hire to do white hat, pen testing. and they will show you the holes in your network for a price, and while it wont be cheap.
it will likely be cheaper than the consequences of a leak or a cyber encryption attack.
seriously mate if your running a business the best option is hire a pro.
a week long contract from a good pen testing company will run you about 400-800 a day per person. so 5k for a week of solid testing if your a small outfit under 50 people.
or you could open your network to a public pen test on the likes of hackerone.
but then your risking public access by all kinds of hackers. white, gray and black hat, as well as all the script kiddies running burpsuit and gobuster thinking they are finding all the haxors
thank you for your replies.
This is a great project that I follow and have setup before. It’s a good tool for keeping an eye on your wireless surroundings. It has some Rouge ap detection and device finger printing capabilities as well baked right in. Can’t hurt to try it out.