Definition: A rogue access point is a wireless access point that has been installed on a secure network without explicit authorization from the network administrator.
Overview: Rogue access points pose a significant security risk to enterprise and private networks because they can give unauthorized users access to network resources. These access points may be introduced intentionally by malicious actors or inadvertently by employees or users seeking to extend network connectivity for convenience. Once connected, a rogue access point can enable data interception and network intrusion, or serve as an entry point for malware and other cyber threats. Network administrators commonly employ wireless intrusion detection systems (WIDS) and wireless intrusion prevention systems (WIPS) to identify and mitigate rogue access points.
Etymology/Origin: The term "rogue" in this context originates from its general meaning of "unauthorized" or "uncontrolled," often used to describe entities acting outside established systems or rules. "Access point" refers to a networking hardware device that allows wireless devices to connect to a wired network using Wi-Fi or related standards. The compound term "rogue access point" emerged in the early 2000s with the proliferation of wireless networking and the associated security challenges.
Characteristics:
- Unauthorized connection: Not approved or configured by the network administrator.
- Physical presence: Typically a hardware device that is physically connected to the secure network or bridged to it wirelessly.
- Broadcasting behavior: Often broadcasts a service set identifier (SSID), potentially mimicking legitimate networks (e.g., in evil twin attacks).
- Security vulnerabilities: Frequently lacks proper encryption or authentication mechanisms, exposing the network to attacks.
- Detection challenges: May be difficult to detect if hidden or located in remote physical areas.
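Detection example: The following sketch is an added illustration, not code from any WIDS/WIPS product. It shows how the characteristics above can be checked against an authorized access point inventory. All SSIDs, BSSIDs, verdict labels and the wired_macs input (MAC addresses learned on the wired switches) are assumptions constructed for the example.

```python
# Added example: classify observed Wi-Fi beacons against an authorized AP inventory.
# Every SSID, BSSID and field name here is constructed for illustration.
AUTHORIZED = {  # BSSID -> expected SSID and security mode
    "02:00:00:aa:00:01": {"ssid": "CorpNet", "security": "WPA2-Enterprise"},
    "02:00:00:aa:00:10": {"ssid": "CorpGuest", "security": "WPA2-PSK"},
}
CORP_SSIDS = {ap["ssid"] for ap in AUTHORIZED.values()}


def classify(beacon, wired_macs=frozenset()):
    """Return (verdict, reasons) for one beacon dict (bssid, ssid, security).

    wired_macs is an assumed input: MAC addresses learned on the wired switches,
    used to tell an AP bridged into the LAN from a neighbour's AP in radio range.
    """
    bssid = beacon["bssid"].lower()
    ssid = beacon.get("ssid") or ""  # empty string models a hidden SSID
    known = AUTHORIZED.get(bssid)
    if known:
        reasons = []
        if ssid != known["ssid"]:
            reasons.append("ssid-mismatch")
        if beacon["security"] != known["security"]:
            reasons.append("security-mismatch")
        # A known BSSID with wrong settings is either misconfigured or spoofed.
        return ("authorized" if not reasons else "investigate", reasons)
    reasons = ["unknown-bssid"]
    if ssid in CORP_SSIDS:
        reasons.append("mimics-corporate-ssid")
    if not ssid:
        reasons.append("hidden-ssid")
    if beacon["security"] == "Open":
        reasons.append("no-encryption")
    if bssid in wired_macs:
        return ("rogue", reasons + ["bridged-to-wired-lan"])
    if "mimics-corporate-ssid" in reasons:
        return ("suspected-evil-twin", reasons)
    return ("external", reasons)


SAMPLE_SCAN = [  # constructed beacons
    {"bssid": "02:00:00:AA:00:01", "ssid": "CorpNet", "security": "WPA2-Enterprise"},
    {"bssid": "02:00:00:bb:00:99", "ssid": "CorpNet", "security": "Open"},
    {"bssid": "02:00:00:cc:00:05", "ssid": "", "security": "WPA2-PSK"},
    {"bssid": "02:00:00:dd:00:07", "ssid": "CoffeeShop", "security": "WPA2-PSK"},
]
SAMPLE_WIRED = frozenset({"02:00:00:cc:00:05"})  # constructed switch-table MACs

if __name__ == "__main__":
    for b in SAMPLE_SCAN:
        print(b["bssid"], *classify(b, SAMPLE_WIRED))
```

An unknown BSSID alone is only labelled "external" here, since the definition requires the device to be attached to the secure network; correlation with the wired side is what raises the verdict to "rogue".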
Related Topics:
- Wireless intrusion detection system (WIDS)
- Wireless intrusion prevention system (WIPS)
- Evil twin attack
- Network security
- Wi-Fi Protected Access (WPA/WPA2)
- Unauthorized device access
- Bring Your Own Device (BYOD) policies