Controller Based WLANs

What is a “honeypot” attack?

Product and Software: This article applies to all Aruba controllers and ArubaOS versions.


A "honeypot" attack is a kind of AP impersonation attack where an attacker who sits outside of the building sets up an AP that assumes the BSSID and ESSID of a valid AP and attempts to lure enterprise clients to connect to it.


A honeypot attack is normally a prelude to some other type of attack, such as man-in-the-middle or client vulnerability probing.

Version History
Revision #:
1 of 1
Last update:
‎06-30-2014 05:40 PM
Updated by:
Labels (1)
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.