Release Notes
Parameter Description Range Default
detect-beacon-wrong-channel
Enable/disable detection of beacons
advertising the incorrect channel
— disable
detect-hotspotter
Enable/disable detection of the
Hotspotter attack to lure away valid
clients.
— disable
hotspotter-quiet-time
Time to wait in seconds after detecting an
attempt to Use the Hotspotter tool
against clients.
60-
360000
seconds
900
seconds
no
Negates any configured parameter. — —
protect-ap-impersonation
When AP impersonation is detected, both
the legitimate and impersonating AP are
disabled using a denial of service attack.
— false
Usage Guidelines
A successful man-in-the-middle attack will insert an attacker into the data path between the client and the AP.
In such a position, the attacker can delete, add, or modify data, provided he has access to the encryption keys.
Such an attack also enables other attacks that can learn a client’s authentication credentials. Man-in-the-middle
attacks often rely on a number of different vulnerabilities.
Example
The following command enables detections in the impersonation profile:
(host) (config) #ids impersonation-profile floor1
(host) (IDS Impersonation Profile "floor1") #detect-beacon-wrong-channel
(host) (IDS Impersonation Profile "floor1") #detect-ap-impersonation
Command History
Version Modification
ArubaOS 3.0 Command Introduced
ArubaOS 3.4 detect-sequence-anomaly, sequence-diff, sequence-quiet-time, sequence-time-tolerance
parameters deprecated.
ArubaOS 6.0 Deprecated predefined profiles and added numerous Impersonation profile options
Deprecated Predefined Profiles
IDS Impersonation profile:
l ids-impersonation-disabled
l ids-impersonation-high-setting
Dell Networking W-Series ArubaOS 6.4.x | Reference Guide ids impersonation-profile | 378