12-05-2012 06:58 AM
I do know how to explain it but it works like this:
if a legitimate client (PC and Credintials) has two wireless adaptors (buildin or USB) the clients connected to AP using 5GHz and he used the other adaptor on 2.5 GHz to provide access to illegetimate clients through his other adaptor (which is connected through 5GHz band AP). is there away to stop it using IPS/IDS and Firewall ? ( I want to stop other clients from accessing my network this way).
Customer want to stop this and he want to see it working on a demo which we need to do for him. Please give me your ideas.
I was thinking to stop this on guest VAP using some type of session control per client, e.g. only one HTTP session per IP/MAC address but I do not know if this is possible.
But how to stop Employees ?!
12-12-2012 03:51 AM - edited 12-12-2012 03:51 AM
it depends on the exact situation, but just allowing a client access to the default gateway of its network and no other IPs in it should work i believe. how workable this is depends on the nummer of networks.
aruba WIP should be able to detect wireless bridges, but im not sure how well it would work in this case.