Security

Reply
Occasional Contributor II

Spoofed device over writes the entry in the end point data base

FYI for anyone who is trying to prevent spoofing on a PSK network, with the two firewall settings enabled (Prohibit IP Spoofing & Prohibit ARP Spoofing), if the offender knows how to deauth the existing device, It is than possible for the spoofed device to connect.

If any of the device  attributes are different on the spoofed device, the endpoint database entry is updated with the attributes of the spoofed device.

Tom Engeleit
ACMP
Guru Elite

Re: Spoofed device over writes the entry in the end point data base

Do you have a rule at the top of you policy that rejects conflict conditions?

Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Spoofed device over writes the entry in the end point data base

Can you forward an example  of the rule ?

Tom Engeleit
ACMP
Occasional Contributor II

Re: Spoofed device over writes the entry in the end point data base

Do you have an example of a policy that rejects conflict conditions ?

Tom Engeleit
ACMP
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: