One of our computer engineering instructors acquired several new little wireless AP spoofing devices after attending the Ethical Hacker Convention in Atlanta not long ago. He and I have been talking a lot and I need to be able to defeat his devices. One of these little guys scans the local area, grabs SSIDs and their corresponding BSSIDs and can then spoof both SSID and BSSID and also allows you to clone a portal page.
My question is this, how do I need to configure my IDS (either manually or through the wizard) to shut that down? My attempts thus far have not met with success and when I look at my master controller security dashboard I actually see where my own authorized AP's marked for containment (obviously I am doing something wrong here LOL)
Any advice is appreciated!