Rogue access points are an increasing area of concern. The attackers perform a denial-of-service (DoS) attack on the legitimate router and set up a fake access point with the same SSID, forcing the stations to connect to the rogue access point. The attackers can set up a fake access point in a number of ways. Identifying these rogue APs is what we will look at next.
Identifying rogue access points
Obvious changes in the MAC address
Say that we have a rogue access point in the vicinity. Using airodump-ng to capture packets, we get the following:
We can see that we have two networks with similar configurations, and the only differences we can see for now are the BSSID (MAC address) and the MB (link speed). While the MB...
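The same comparison can be automated over a saved capture. The Python code below is an added example, not part of the original text: it lists SSIDs advertised by more than one BSSID and reports BSSIDs that are missing from an inventory of deployed APs. The sample capture, `KNOWN_APS` and the function names are constructed for illustration, and the input is assumed to follow the CSV layout that airodump-ng writes.

```python
import csv
import io
from collections import defaultdict

# Constructed sample in the layout of an airodump-ng CSV capture (not real data).
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  6,  54, WPA2, CCMP, PSK, -40, 120, 0,   0.  0.  0.  0,  7, CorpNet,
66:77:88:99:AA:BB, 2024-01-01 10:01:00, 2024-01-01 10:05:00,  6,  11, WPA2, CCMP, PSK, -35,  80, 0,   0.  0.  0.  0,  7, CorpNet,
CC:DD:EE:FF:00:11, 2024-01-01 10:00:00, 2024-01-01 10:05:00, 11,  54, WPA2, CCMP, PSK, -60,  90, 0,   0.  0.  0.  0,  5, Guest,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
DE:AD:BE:EF:00:01, 2024-01-01 10:02:00, 2024-01-01 10:05:00, -50, 30, 00:11:22:33:44:55,
"""

# Hypothetical inventory: the BSSIDs the administrator deployed, per SSID.
KNOWN_APS = {"CorpNet": {"00:11:22:33:44:55"}, "Guest": {"CC:DD:EE:FF:00:11"}}

def parse_access_points(text):
    """Return one dict per AP row, keyed by the header names of the AP section."""
    rows, header = [], None
    for fields in csv.reader(io.StringIO(text), skipinitialspace=True):
        fields = [f.strip() for f in fields]
        if header is None:
            if fields and fields[0] == "BSSID":
                header = fields
            continue
        if not any(fields) or fields[0] == "Station MAC":
            break  # the AP section ends at the blank line before the station list
        rows.append(dict(zip(header, fields)))
    return rows

def duplicate_ssids(text):
    """Map each SSID seen on more than one BSSID to the set of those BSSIDs."""
    seen = defaultdict(set)
    for ap in parse_access_points(text):
        seen[ap["ESSID"]].add(ap["BSSID"].upper())
    return {essid: bssids for essid, bssids in seen.items() if len(bssids) > 1}

def unknown_bssids(text, known_aps):
    """BSSIDs advertising an inventoried SSID that the inventory does not list."""
    # Multi-AP networks legitimately show several BSSIDs per SSID, so the
    # inventory, not the duplicate alone, decides what gets reported.
    return sorted((ap["ESSID"], ap["BSSID"].upper(), ap["Speed"])
                  for ap in parse_access_points(text)
                  if ap["ESSID"] in known_aps
                  and ap["BSSID"].upper() not in known_aps[ap["ESSID"]])

if __name__ == "__main__":
    print(duplicate_ssids(SAMPLE_CSV))
    print(unknown_bssids(SAMPLE_CSV, KNOWN_APS))
```

The `Speed` column of the CSV corresponds to the MB value shown on the airodump-ng screen, so each reported tuple carries the same two fields the comparison above relies on.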