Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Do You Locate That Access Point?

Posted by Cliff on from the dowsing-wlan dept.

parp asks: "As an IT Manager I'm concerned about unauthorized Access Points being installed, or users who setup wireless computer to computer networks. How do you find the exact location of these devices? I've tried walking around the office with a laptop watching the signal, but the signal monitors that are included with most network drivers are very limited. The signal could be upstairs, downstairs or right around the corner, but I can't find it. Results of web searches I've done just tell you how to find a signal (wardrive), not the source. I'd be interested in any software or hardware device that can locate the device within a few feet."

6 of 159 comments (clear)

  1. loop antenna by chinakow · · Score: 4, Informative

    You would probably need to build a loop antenna, they are directional and as far as I know, do not have much gain, you would just need to spin the look to find the strongest signal and take a measurement from 2 different places, then you could just draw to lines on a decent site layout map and know within about 10 feet where the signal is, google for "radio fox hunt" or "loop antenna".

  2. netsnoop by John+Meacham · · Score: 4, Informative

    Just monitor the traffic to see who is actually using the link. you should be able to figure it out from their IP address or their browsing habits. Chances are it is whoever set up the link. You may have to use one of the many WEP crackers, but that shouldn't present a problem.

    If no one ever seems to be using it, it is possible you are picking up someones laptop with a built in 802 card that automatically enables without the user even knowing.

    --
    http://notanumber.net/
  3. Commercial Solutions by JackAsh · · Score: 4, Informative

    My company recently implemented a product called "WiFi Watchdog" from Newbury Networks (http://www.newburynetworks.com/). Damned nice product, and it has the capabilities you are looking for. The latest version of their software will give you a heat map as to where a device is likely to be overlaid on top of a map of your building.

    Other vendors selling a similar products include Airmagnet and AirDefense. Some of the bigger AP infrastructure guys such as Cisco even have some built in products to do similar things.

    The big advantage I found with NNI is that their product helps reduce false positives by identifying APs outside our building and labeling as such - so when a Sears truck drives by with a built in AP our alarm bells don't go off. Other neat things include a cool RADIUS service that "authorizes" connections based on location. Tied together with other authentication services that would make for a really really powerful solution for securing your wireless.

    Anyway, hope that helps find some good solutions for you.

    -Jack Ash

    PS: No, I am not an employee of NNI or anything of the sort, I'm just a guy who went through your exact problem last year and ended up finding this solution.

  4. Here.... by Aeiri · · Score: 4, Funny

    First, start on a floor you know has access to this access point. Then, get in the elevator and hit the top floor. Note what floor you get disconnected on. Do the same going down, and average those numbers together and you have the floor it's on.

    Once you are there, gather everyone around, and tell them that you know one of them has a wireless access point around. The first person to turn around and hurry away sneakily is your guy. Pull out your gun and shoot him in the back. Find his desk and everywhere he goes, and you'll eventually find the access point. Problem solved.

    Or were you wanting to do this legally? Then I would just get them in a headlock and "nugey" them until they tell you where it is.

  5. Re:Radio Direction Finding by chriso11 · · Score: 4, Funny

    I tried using a directional antenna and kept finding these.

    --
    No, I don't trust in god. He'll have to pay up front, like everybody else.
  6. Re:Something to check out... by QuantumRiff · · Score: 5, Insightful
    Airespace was recently purchased by Cisco. I just bought some of the equipment, and it is damn sweet.. One note about the location pinpointing though.. (see below for the poor mans fix..)

    By default it tells you that AP X detects an access Point. It tries to connect as a client, and ping spots on your network. This tells you if its on your network or not.. If you feel mean, you can flood it and shut it down.. (DOS attack built in!) However, if you want the precision mapping, you have to pay a very, very large chunk of change.. I have seen a demo, and it is pretty sweet to watch it pinpoint the exact location of a rouge AP. Keep in mind that this uses triangulation. You need more than one of your Cisco AP's to be able to see this rouge to get it pinpointed.

    (Poor/Evil BOFH Fix) I would connect through the access point, note my IP, see if I could Ping the network.. Then, check the IP/Mac address, and find what port on my switches it is coming from. Disable the port. (if you have a nicely labeled patch panel, you could walk to the switch, and see exactly where the port is..) Wait for someone to complain about no network activity...

    --

    What are we going to do tonight Brain?