Rogue Router

From ITS Wiki - Information Technology Services - University of Rhode Island

Networking This page is part of a category. To see more pages like this, go to the Networking index.

Contents 1 How It Works 2 Problems 3 IP Addressing 3.1 The Good 3.2 The Bad 4 Reporting 4.1 IP Address 4.2 MAC Address 5 Further Information

How It Works

A wireless router is a device designed to route internet traffic between an ethernet connection and wireless clients. Any number of wireless clients may be using the router to connect to the internet.

Problems

• Security Risk - Unlike university routers that require eCampus username-based authentication, rogue routers do not and as a result, could allow any virus-infected, malicious machine to join the network. Other users on that network have a high risk of becoming infected. Further, traffic on a rogue network (such as credit-card information) is not secure.

• Unreliable Surfing - Because a router handles multiple clients behind a single interface, traffic is slowed immensely as more people join the rogue network. Also, adding devices between a computer and the university network is likely to slow traffic down no matter how many clients are connected.

• Incorrect Configuration - In September of 2005, a single incorrectly configured router (plugged into an ethernet port backwards) took down internet services in an entire dorm. Users who have poor wireless connectivity should not attempt to remedy the situation themselves; a simple call to the Help Desk is often the solution.

IP Addressing

The Good

172.x.x.x - University wireless systems. Fast and secure.

The Bad

192.168.x.x - Generic hardware (Linksys, Netgear, etc.)
10.0.0.x - Apple hardware (Airport Extreme, Express, etc.)

Reporting

If a user finds themselves connected to a rogue router (anything other than "Student" or "Academic", they should report it to the Help Desk immediately, along with the router name, IP address, and MAC address.

IP Address

To find the IP Address of a router while connected to it, simply browse to http://whatismyip.com and look for a 4-octet number, such as 131.128.x.x

MAC Address

To find the MAC Address of a router while connected to it, open a terminal and type arp -a and look for a 6-octet number, such as 00:12:34:56:78:90

Further Information

Please see the Rogue Routing article for more in-depth details on the wired and wireless implications and security risks of improperly or maliciously configured routing devices. The article covers more technical information beyond the scope of this page.