Fighting Rogue Access Points At linux.conf.au

An anonymous reader writes "Last week's linux.conf.au saw the return of the rogue access points. These are Wi-Fi access points which bear the same SSID as official conference hotspots. Often it might be a simple mistake, but sometimes it's more nefarious. To combat the attacks this year, conference organisers installed a Linux-based Wi-Fi 'intrusion prevention and detection system' supplied by sponsor Xirrius." At most conferences I've been to, I'd be grateful just to be able to get on any access point.

Re:Cisco

[mindcandy]

Cisco's WLSE has APs dedicated to TDOA and cleanair .. you can upload a CAD drawing of the building and pinpoint where exactly your TDOA aps are at and it will show you exactly where (on a virtual drawing) the rouge AP or client is.

I've always got an access point on me

[Skarecrow77]

android phone + cyanogenmod + grandfathered verizon unlimited data plan = "it may not be perfect, but it gets the job done and it is still way better than the dialup connection I used back in the day."

unless I'm in some building shielded with sandwiched lead sheets or something. in which case, hell, screw it, time to read an ebook.

Re:This is a growing problem everywhere ....

[Hatta]

My co-workers have started asking me, "How do I know if it's safe to connect to a wi-fi hotspot when I'm traveling?" ... and I'm realizing the answer isn't very clear-cut.

The answer is very clear cut. All networks are hostile until proven otherwise. The solution is an encrypted tunnel back to a secure network. VPN or SSH tunneling are both easy to set up and use.