Don, A trick that I have been willing to test for a long time would be to join the Rogue AP, send traffic to a know sniffing host in that same layer2 network. This will reveal the Wired MAC address of the AP. Then search for that MAC on your wired side and disable the port. (if you have a good circuit-to-switchport DB, you know the location as well) If the AP doesn't allow guests, we use Directional Antennas and Wireless Sniffers as you mentioned.
And as I have mentioned before: we rarely have Rogue APs in places were we provide decent Free Wireless coverage! Philippe Hanset University of Tennessee On Fri, 4 Feb 2005, Donald Gallerie wrote: > In an effort to better identify rogue access points, can any of you > recommend tools that would make the physical and network pinpointing of WAPs > a bit easier. We have identified a number of rogues but cannot ascertain > exactly where they are. We have tried getting the mac address from the > wireless side and doing an arp lookup but oftentimes they are running NAT > and the mac on the wired side is different. > > We would like to sweep the campus and get as much information as we can > in a single pass (automatic documentation features would also be useful). I > had thought about using a directional antenna and netstumbler but thought > others may have found other, more user friendly tools. > > Any recommendations? > > Don Gallerie > Assistance Director > Telecommunications > The University at Albany > > ********** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. > ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
