rajith Posted December 5, 2015 Share Posted December 5, 2015 Hi, I am trying to identify rouge access point from legitimate access point. Have any one try this ? Quote Link to comment Share on other sites More sharing options...
barry99705 Posted December 5, 2015 Share Posted December 5, 2015 It's a lot harder to do than it sounds. The easiest way is to turn off your known good ap and locate the still transmitting rogue. Or changing the ssid temporarily. Quote Link to comment Share on other sites More sharing options...
rajith Posted December 6, 2015 Author Share Posted December 6, 2015 hi, thanks for the reply. Thing is that in end user mode we cannot shut legitimate AP's. In administrator level that can be done. Is there a way to analysis the frequency density with a software run on laptop ? Quote Link to comment Share on other sites More sharing options...
cooper Posted December 6, 2015 Share Posted December 6, 2015 The only thing you have is radiowaves of a legitimate transmitter and that of a rogue trantmitter that's trying *really* hard to mimic the real one. I would look for deauth attacks in progress as that's the best way to get your victims to disconnect from the legitimate AP. Quote Link to comment Share on other sites More sharing options...
barry99705 Posted December 6, 2015 Share Posted December 6, 2015 The only thing you have is radiowaves of a legitimate transmitter and that of a rogue trantmitter that's trying *really* hard to mimic the real one. I would look for deauth attacks in progress as that's the best way to get your victims to disconnect from the legitimate AP. The problem is if they set the rogue up properly, then the mac address will be the same as the legit ap. You're not going to be able to tell the difference between the real ap and the rogue just from that. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.