A "Rogue Access Point" is any access point detected by an Unleashed access point that is not
part of the Unleashed network. Rogue devices are detected during off channel scans (background
scanning) and are simply other access points that are not part of the Unleashed network (e.g., an
access point at a nearby coffee shop, a neighbor's apartment or shopping mall).
Typically, rogue access points are not a threat, however there are certain types that do pose a
threat that will be automatically identified as "malicious rogue APs." The three automatically
identified malicious access point categories are as follows:
- WLAN-Spoofing: These are rogue access points that are beaconing the same WLAN name as an
Unleashed access point. They pose a threat as someone may be attempting to use them as a honey
pot to attract your clients into their network to attempt hacking or man-in-the-middle attacks
to exploit passwords and other sensitive data.
- Same-Network: These are rogue access points that are detected by other access points as
transmitting traffic on your internal network. They are detected by Unleashed access points
seeing packets coming from a 'similar' MAC address to one of those detected from an over the
air rogue AP. Similar MAC addresses are +-5 MAC addresses lower or higher than the detected
over the air MAC address.
- MAC-spoofing: These are rogue access points that are beaconing the same MAC address as an
Unleashed access point. They pose a threat as someone may be attempting to use them as a honey
pot to attract your clients into their network to attempt hacking or man-in-the-middle attacks
to exploit passwords and other sensitive data.