Wireless LAN Security in detail

To reduce the risk of such attacks, three main types of tools can be used on a WLAN:

=> Mutual authentication
=> Encryption
=> Intrusion tools

Mutual authentication should be used between the client and AP. The authentication process uses a secret password, called a key, on both the client and the AP. By using some sophisticated mathematical algorithms, the AP can confirm that the client does indeed know the right key value. Likewise, the client can confirm that the AP also has the right key value. The process never sends the key through the air, so even if the attacker is using a network analysis tool to copy every frame inside the WLAN, the attacker cannot learn the key value. 

Also, note that by allowing mutual authentication, the client can confirm that the AP knows the right key, thereby preventing a connection to a rogue AP.

The second tool is encryption. Encryption uses a secret key and a mathematical formula to scramble the contents of the WLAN frame. The receiving device then uses another formula to decrypt the data. Again, without the secret encryption key, an attacker may be able to intercept the frame, but he or she cannot read the contents.

The third class of tools includes many options, but this class generally can be called intrusion tools. These tools include Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), as well as WLAN-specific tools. Cisco defines the Structured Wireless-Aware Network (SWAN) architecture. 

It includes many tools, some of which specifically address the issue of detecting and identifying rogue APs, and whether they represent threats.