Rogue access points are wireless access points that have been installed onto the local network of a company without the explicit permission of the administrator or the IT department head.

Rogue access points can either be installed by Hackers to carry our man-in-the-middle attacks or by employees themselves to bypass the browsing restrictions in the company placed through wired networks.

In order to stop the installation of rogue access points, the administrators of the local network can install and monitor the wireless network intrusion preventions systems that would allow them to monitor the radio spectrum of rogue access points.

To detect access points that are rogue in nature first check if the access point is in the list of managed access points or not. The second condition that can be checked is whether the access point itself is connected to a secure network.

The first condition is fairly straight forward and easy to check and this can be done by comparison of the BSSID or wireless MAC address of the suspect access point.

Once that is done, the second step is also simple which involves checking of the network transmission that occurs through the spectrum utilized by the suspect access point.