Rogue access point detection

What is claimed is: 1 . A method comprising: 2 . The method of claim 1 , wherein the network element comprises one or a combination of a network controller, a gateway, a router, a firewall, a hub and a switch. 3 . The method of claim 1 , wherein said detecting a potential rogue AP in the network comprises scanning, by the managed AP, the network for an AP that is not among those on a list of valid APs. 4 . The method of claim 3 , wherein the list of valid APs includes Media Access Control (MAC) addresses of the valid APs. 5 . The method of claim 1 , further comprising injecting, by the network element, the special network packet through a wired interface within one or more communication sessions associated with the potential rogue AP. 6 . The method of claim 5 , wherein the one or more communication sessions comprise a transmission control protocol (TCP) session and wherein the special network packet comprises a TCP packet. 7 . The method of claim 5 , wherein the one or more communication sessions comprise a user datagram protocol (UDP) session and wherein the special network packet comprises a UDP packet. 8 . The method of claim 1 , wherein the defined pattern comprises a length of the special network packet. 9 . The method of claim 1 , wherein the potential rogue AP comprises a layer 3 AP. 10 . The method of claim 1 , wherein said detecting whether the special network packet is transmitted by the potential rogue AP comprises receiving, by the managed AP, the special network packet on a wireless interface of the managed AP. 11 . A system for detecting a rogue access point (AP) comprising: a potential rogue AP identification module, operable within a managed AP of a network, configured to detect a potential rogue AP in the network; a special packet injection module, operable within a network element on a wired side of the network, configured to inject a special network packet having a defined pattern onto the network; a rogue AP evaluation module, operable within the managed AP, configured to detect whether the special network packet is transmitted by the potential rogue AP; and wherein responsive to receiving an indication from the rogue AP evaluation module that the special network packet has been detected by the rogue AP evaluation module, the managed AP identifies the potential rogue AP as a confirmed on-wire rogue AP. 12 . The system of claim 11 , wherein the network element comprises one or a combination of a network controller, a gateway, a router, a firewall, a hub and a switch. 13 . The system of claim 11 , wherein the potential rogue AP is detected by the managed AP by scanning the network for an AP that is not among those on a list of valid APs. 14 . The system of claim 13 , wherein the list of valid APs includes Media Access Control (MAC) addresses of the valid APs. 15 . The system of claim 11 , wherein the network element injects the special network packet through a wired interface within one or more communication sessions associated with the potential rogue AP. 16 . The system of claim 15 , wherein the one or more communication sessions comprise a transmission control protocol (TCP) session and wherein the special network packet comprises a TCP packet. 17 . The system of claim 15 , wherein said one or more communication sessions comprise a user datagram protocol (UDP) session and wherein the special network packet comprises a UDP packet. 18 . The system of claim 15 , wherein the defined pattern comprises a length of the special network packet. 19 . The system of claim 11 , wherein the potential rogue AP comprises a layer 3 AP. 20 . The system of claim 11 , wherein the rogue AP evaluation module detects the special network packet when the managed AP receives the special network packet on a wireless interface of the managed AP.