Wireless Access

Reply
Occasional Contributor I
Posts: 5
Registered: ‎03-03-2017

How to stop MAC spoofing by Chamele MAC

Hello , 

 

I want to ask that if somebody in our organization who is not allowed to use Wi-Fi can bind MAC address to his device which is allowed for W-Fi access by using open source application called CHAMELE MAC.

How to identify that user and stop him.???

 

Please help

Guru Elite
Posts: 21,029
Registered: ‎03-29-2007

Re: How to stop MAC spoofing by Chamele MAC

You would configure IP and ARP spoofing in the global firewall parameters:  http://www.arubanetworks.com/techdocs/ArubaOS_65x_WebHelp/Web_Help_Index.htm#ArubaFrameStyles/Firewall_Roles/Global_Firewall_Paramete.htm?Highlight=spoofing

 

The best way to protect against spoofing is to use 802.1x encryption, however.  Using only an open or preshared key SSID has more limited protection for ip and ARP spoofing than an 802.1x SSID.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Guru Elite
Posts: 8,460
Registered: ‎09-08-2010

Re: How to stop MAC spoofing by Chamele MAC

Adding a full policy management solution is really the only solution. ClearPass can detect MAC spoofing and take appropriate action.

 

Also, just FYI, on most platforms, no third party software is required to spoof a MAC. On Linux and Mac, it's a simple command. Not even a reboot is needed.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
Showing results for 
Search instead for 
Did you mean: