What is a “honeypot” attack?

Aruba Employee
Aruba Employee

Product and Software: This article applies to all Aruba controllers and ArubaOS versions.


A "honeypot" attack is a kind of AP impersonation attack where an attacker who sits outside of the building sets up an AP that assumes the BSSID and ESSID of a valid AP and attempts to lure enterprise clients to connect to it.


A honeypot attack is normally a prelude to some other type of attack, such as man-in-the-middle or client vulnerability probing.

Version history
Revision #:
1 of 1
Last update:
‎06-30-2014 05:40 PM
Updated by:
Labels (1)
Search Airheads
Showing results for 
Search instead for 
Did you mean: