Locate Rogue Access Points Using Data From WiFi Positioning Databases

Locate Rogue Access Points Using Data From WiFi Positioning Databases

If you don’t have an Enterprise Wireless Intrusion Detection/Prevention System (WIDS/WIPS) to help estimate the location of the rogue access point I recommend using our OUI Lookup Tool to provide data on which side of building to start searching for the rogue access point hunt.

The recommended steps are below.

  1. Go to http://www.ouilookup.com

    Enter the full BSSID of the rogue access point in the form labeled “MAC Address and/or Manufacturer Name” and click search. The search will return the manufacturer name in the table and show lat/long search buttons.

    rogue-access-point-search-using-ouilookup-tool

  2. Use either button to locate the lat/long of the BSSID. Database A (DB A) only returns results of the lat long is known for the BSSID. Database B (DB B) always returns results but if the BSSID is not available in Database B (DB B) the tool returns the lat/long of the requesters IP address using IP Geolocation. We are working on suppressing these results or adding an indication when the results are not an exact match for the BSSID but an IP Geolocation result.
    rogue-access-point-lat-long-search-using-ouilookup-tool
  3. Click the “Show on Google Map” link to view the BSSID on Google Maps.

    rogue-access-point-google-maps

  4. Use information to help you start searching for the rogue access point by starting on in the corner/on that side of the building when using the unidirectional or omnidirectional method to locate rogue access points.

    Note: The marker is most likely not the location of the rogue access point but simply the location of the “Warcrowding” device that uploaded the lat/long of the BSSID to the WiFi Positioning database.

    rogue-access-point-lat-long-ouilookup-tool-results

Our post about Locating Rogue Access Points has information about the two most common methods used to find rogue access points.