Submission + - How to scan your office for rogue WI-FI devices?
An anonymous reader writes: I've just started working for a financial institution, and I've been assigned to finding ways (procedures/technology) to defend our offices against rogue wi-fi devices. After an incident, one has identified the risk that an attacker could place a sniffing or other malicious device in the network, that transmits data to outside our offices, over a wi-fi networking interface.
The company I work for has sought the help of consultants, but I have found both their approach and solutions less than satisfying. They have proposed that someone walks around the office with a scanning device, searching for unregistered wi-fi devices. This approach is very time-consuming (if you have several offices to scan, on a regular basis), it won't find devices that will only transmit data at night, and the scan itself is complicated by the fact that it also will find devices in nearby buildings.
Other things to consider:
— Performing a physical search of our offices is not an option.
— Putting the office in a Faraday cage is not an option either, as it would block cell phone traffic as well.
— The complete ban on wi-fi is probably going to be lifted. Higher management just loves wi-fi...
— I've been considering the introduction of IPv6, so that one could more easily assign IP addresses to bona fide wi-fi devices, and control wi-fi access. But that would still require additional measures.
What would you do to prevent and/or detect rogue wi-fi devices?
The company I work for has sought the help of consultants, but I have found both their approach and solutions less than satisfying. They have proposed that someone walks around the office with a scanning device, searching for unregistered wi-fi devices. This approach is very time-consuming (if you have several offices to scan, on a regular basis), it won't find devices that will only transmit data at night, and the scan itself is complicated by the fact that it also will find devices in nearby buildings.
Other things to consider:
— Performing a physical search of our offices is not an option.
— Putting the office in a Faraday cage is not an option either, as it would block cell phone traffic as well.
— The complete ban on wi-fi is probably going to be lifted. Higher management just loves wi-fi...
— I've been considering the introduction of IPv6, so that one could more easily assign IP addresses to bona fide wi-fi devices, and control wi-fi access. But that would still require additional measures.
What would you do to prevent and/or detect rogue wi-fi devices?