Threats of rogue access points

The two most probable options of connecting to wireless network at work, when the company has no wireless capabilities are either buying your own wireless router or connecting to somebody else’s access point. Both of these situations can be dangerous to the company’s network and cause numerous potential security issues.

Let’s say the user buys his own router and installs his own access point, which will probably be unencrypted and could open a back door on the company’s network to any attacker within range. More likely, the user will use WEP encryption that is fairly insecure and may be no better than an unencrypted connection. Either way, the attacker can join the network with his own laptop, immediately getting behind all the company’s firewalls.

Another concern when connecting to unknown wireless router is trustworthiness of the DNS. If malicious users gain access to a router, they can change its DNS server to a malicious DNS that can give fraudulent responses.
A number of precautions can be taken to prevent this type of back door, such as checking for new wireless networks in offices and investigating, educating users on best practices for connecting to wireless network, having software running, that identifies any new or unknown servers.
By following these guidelines you may close a back door into your network.

Articles