MicroNugget: How to Contain Rogue Access Points in a WLAN

Рет қаралды 23,097

Күн бұрын

Пікірлер: 10

@KeithBarker 11 жыл бұрын

Great questions. The documentation I was just reviewing (from Cisco's site) said that the rogue containment uses between 5-10 percent of the AP's performance, with a cap of 30%, but I didn't see specifics as to how often the flood of deauth messages would be sent. If the offending AP was in the same frequency bands as our production APs, then that could hurt performance, but the APs would be told to move to a new band (by the wlc) to avoid interference. Thanks for the questions, Keith

@ChrisGagnonDIY 8 жыл бұрын

love all your videos. thanks for the micro nugget

@IhorSirishtan 9 жыл бұрын

Wonderful video. Superb information presentation. Really enjoyed it!

@armyguy298 11 жыл бұрын

Keith, a couple questions. 1. At what interval do the "deauth" messages broadcast? 2. Could the additional noise affect network performance? Thanks for another great video!

@adedejiemmanuel1 4 жыл бұрын

Thanks for the video. Is a "Deauthenticatication attack" the same as the "Disassociation attack"?

@dg404null 3 жыл бұрын

very helpful

@markustoomiste4441 3 жыл бұрын

What I don't understand is that if you have an access point plugged into your network that isn't managed by the WLC, then how come you need to scan for it with your APs? Wouldn't it come up over the wired traffic?

@markustoomiste4441 3 жыл бұрын

If you can't distinguish a rogue AP over the wired traffic then how come after scanning for them with your APs you know which ones are a part of your network which ones are just adjacent networks' traffic reaching your APs' sensors.

@cbtnuggets 3 жыл бұрын

Hi, Markus! Most of today's access points will have a specific port or protocol it uses to communicate with a wireless LAN controller. There are also times that you may not want it to be adopted into the main network. There might be additional configurations needed. If an additional AP was wired into the network, the vendor and protocols might be different and don't come up right away. The AP's working with the WLC can scan for neighboring AP's to help identify issues. It's best practice to also lock down the ports that are not in use. So if there is a port in the office that is not used regularly, you can do a few things like isolating it into an empty VLAN, and also set up port security to be notified of the connection. Hope that helps! Thank you for learning with us.

@markustoomiste4441 3 жыл бұрын

@@cbtnuggets Thanks for responding to a comment of a 7 year old video. Very impressive.