best way to monitor for rogue access points?

[bwana]

How can I make sure that a rogue access point has not been secreted somewhere on my network? I could label all the access points with a number then look at the connected devices in the router settings. But that requires human intervention. How do large network admins deal with this problem? I suppose it's automated somehow.

 

[ColinTaylor]

An access point is little more than a wireless Ethernet bridge. As such it is no different than any other Ethernet device (e.g. a PC, printer, etc). So the question should probably be "how can I restrict what Ethernet devices are connected to my network"?

To detect malicious AP's specifically (which may not even be connected to your LAN) you'd need a tool like AirMagnet Survey PRO. IIRC Aruba and WatchGuard have something similar.

 

[bwana]

thank you. BTW, I read somewhere that I can enable channels 12-13 (which are used in Japan) and these channels are invisible to most wifi scanners

 

[ColinTaylor]

Channels 12 and 13 are used throughout the world. In fact it's mainly North America that doesn't use those channels. All WiFi scanners will be able to see them regardless of which country you're in.