Product and Software This article applies to all Aruba controllers and ArubaOS 6.0 and later.
ArubaOS 6.0 with WIDS 2.0 supports the following two types of impersonation detection. The impersonation detection feature works only in AP-mode.
- Attacker spoofs the AP's BSSID.
- Can be detected if the AP sees frames with SA that match one of its BSSIDs, but it did not transmit them.
- Can be detected if the AP sees that a client is sending frames to it on a different channel.
Premature EAP Success/Failure Attack Detection
- Attacker spoofs EAP success/failure messages to disrupt the authentication state of the clients and prevent the client from connecting to the valid APs.
- The EAP-Success/EAP-Failure frames have been added to the list of the frame types that Aruba APs will examine.