Rogue Access Points and Evil Twins – CompTIA Security+ SY0-501 – 1.2

A single poorly-placed access point can ruin your day. In this video, you’ll learn about rogue access points and evil twins, and you’ll learn how to prevent rogue access points and mitigate the presence of a potential evil twin.

Imagine if someone could simply connect to your network without needing any special authentication. Imagine if they could do that while sitting in your parking lot. That’s one of the challenges you have when there may be rogue access points on your network.

It’s so easy for someone to simply plug in one of these access points. You can buy them relatively inexpensively, and they’re easy to configure and turn on. It only takes a few minutes to plug one into your network. And now, suddenly, your network is accessible to everyone.

If you’re someone who administers a wireless network, you might want to schedule a survey. You can walk around your facility, use some tools that help you identify where wireless communication is coming from, and make sure that nobody has plugged in an access point without permission.

Another important mitigation step might be to configure 802.1X on all of your network devices. This is network access control, and it requires authentication for everybody who wants to use any resources on the network.

A greater security concern than a rogue access point would be a wireless evil twin. It seems to start the same way. Someone can buy an access point and plug it into the network. But what they do is configure it exactly the same way as your existing access points. It has the same SSID. It has the same security encryption and perhaps the same passwords configured in the device.

And if they’re able to put this closer to the users, the signal from the evil twin could overpower the existing access points, and all of your users may be connecting to the evil twin instead of your legitimate access points.
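The survey described above, extended to the evil twin case, can be checked against an inventory of sanctioned access points. This is an added example, not part of the original video; the inventory, SSIDs, BSSIDs and survey readings are constructed sample data, and findings are listed strongest signal first because a nearby, stronger AP is the one clients are most likely to join.

```python
# Added example: classify wireless survey results against an AP inventory.
# All SSIDs, BSSIDs and readings below are constructed sample data.

# Hypothetical inventory of sanctioned access points: BSSID -> expected settings.
AUTHORIZED = {
    "aa:bb:cc:00:00:01": {"ssid": "CorpWiFi", "security": "WPA2-Enterprise", "channel": 1},
    "aa:bb:cc:00:00:02": {"ssid": "CorpWiFi", "security": "WPA2-Enterprise", "channel": 6},
}
OUR_SSIDS = {ap["ssid"] for ap in AUTHORIZED.values()}

# Constructed survey readings, as a scanner might export them.
SURVEY = [
    {"ssid": "CorpWiFi", "bssid": "AA:BB:CC:00:00:01", "security": "WPA2-Enterprise", "channel": 1, "rssi": -61},
    {"ssid": "CorpWiFi", "bssid": "de:ad:be:ef:00:09", "security": "WPA2-Enterprise", "channel": 6, "rssi": -38},
    {"ssid": "CorpWiFi", "bssid": "aa:bb:cc:00:00:02", "security": "Open", "channel": 6, "rssi": -55},
    {"ssid": "linksys", "bssid": "12:34:56:78:9a:bc", "security": "Open", "channel": 11, "rssi": -47},
]

def classify(reading):
    """Return (verdict, reason) for one survey reading."""
    bssid = reading["bssid"].lower()  # normalize case before the inventory lookup
    known = AUTHORIZED.get(bssid)
    if known is None:
        if reading["ssid"] in OUR_SSIDS:
            # Our network name broadcast by a radio we do not own.
            return "evil-twin-suspect", "our SSID from a BSSID not in the inventory"
        # Could be a neighbor or a rogue AP; the wired side must be checked to decide.
        return "unknown-ap", "BSSID not in the inventory"
    drift = [k for k in ("ssid", "security", "channel") if reading[k] != known[k]]
    if drift:
        # A listed BSSID whose settings changed needs investigation.
        return "settings-mismatch", "differs from inventory: " + ", ".join(drift)
    return "authorized", "matches inventory"

def survey_report(readings):
    """Classify every reading, strongest signal first, dropping authorized APs."""
    findings = []
    for r in sorted(readings, key=lambda r: r["rssi"], reverse=True):
        verdict, reason = classify(r)
        if verdict != "authorized":
            findings.append((verdict, r["ssid"], r["bssid"].lower(), r["rssi"], reason))
    return findings

if __name__ == "__main__":
    for finding in survey_report(SURVEY):
        print(finding)
```

A radio survey alone cannot tell whether an unknown access point is plugged into your wired network, so each `unknown-ap` finding still needs a check of the switch ports.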

This wireless evil twin may be something that’s difficult to configure in an environment where you’re using 802.1X, but what about open networks at hotels and coffee shops? Those Wi-Fi hotspots are very easy to fool. And because they’re wide open, you can suddenly become the controller of this network.

And one thing that you may want to do, regardless of where you happen to be, is to make sure that you’re always encrypting communication. That way, if somebody is configuring a wireless evil twin and capturing your data, at least they won’t be able to see any of your traffic inside of those data streams.