Community Home > Discuss > Technology > Security > Re: Block deauth attack with Aruba WIPS

Security

Reply
Alberto García
Contributor I
Alberto García

Block deauth attack with Aruba WIPS

‎05-27-2014 08:06 PM

Hi community,

 

How can i to block deauth attack from a Kali running computer not connected to my network? I can detect the attack with the IDS signature but i can't block it. I attach an image from the security dashboard. Thanks in advance.

 

 

Alert a Moderator
Message 1 of 9
6,104 Views
Tags (2)
Reply
Guru Elite Guru Elite
Guru Elite
cjoseph

Re: Block deauth attack with Aruba WIPS

‎05-27-2014 08:16 PM

What version of ArubaOS is this?

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Alert a Moderator
Message 2 of 9
6,102 Views
Reply
0 Kudos
Alberto García
Contributor I
Alberto García

Re: Block deauth attack with Aruba WIPS

‎05-27-2014 08:22 PM

Aruba OS 6.3.1.7.

Alert a Moderator
Message 3 of 9
6,097 Views
Reply
0 Kudos
Guru Elite Guru Elite
Guru Elite
cjoseph

Re: Block deauth attack with Aruba WIPS

‎05-27-2014 08:24 PM

You can enable "DOS Protection" on your Virtual AP  http://www.arubanetworks.com/techdocs/ArubaOS_63_Web_Help/Web_Help_Index.htm#ArubaFrameStyles/1CommandList/show_wlan_virtual_ap.htm

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Alert a Moderator
Message 4 of 9
6,093 Views
Reply
0 Kudos
Highlighted
Alberto García
Contributor I
Alberto García

Re: Block deauth attack with Aruba WIPS

‎05-27-2014 08:48 PM

Thanks but is already enabled and it doesn't work.

Alert a Moderator
Message 5 of 9
6,083 Views
Reply
0 Kudos
Guru Elite Guru Elite
Guru Elite
cjoseph

Re: Block deauth attack with Aruba WIPS

‎05-27-2014 08:53 PM

When you say "does not work" what do you mean?  What is happening and what do you want to prevent?  DOS protection can only protect a deauth attack on an access point, not a client.  Only MFP (802.11w) or management frame protection can specifically protect clients from such an attack.  Of course, the client has to support 802.11w and you need to run ArubaOS 6.4 for a complete solution: http://www.arubanetworks.com/techdocs/ArubaOS_64_Web_Help/Web_Help_Index.htm#ArubaFrameStyles/VirtualAPs/SSID_Profiles.htm?Highlight=802.11w


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Alert a Moderator
Message 6 of 9
6,080 Views
Reply
0 Kudos
MVP Expert
MVP Expert
mharing

Re: Block deauth attack with Aruba WIPS

‎04-24-2017 07:54 AM

Sorry to revive an old post, but this same question has recently come up with a customer I'm working with. 

 

In the 802.11w (MFP) link, it states that MFP is not supported on VAPs that are using Tunnel forarding model. Why doesn't it work with Tunneled mode and just to clarify, that means its only supported while using Bridged mode?


Michael Haring
If my answer is helpful, a Kudos is always appreciated!
Alert a Moderator
Message 7 of 9
3,814 Views
Reply
Gary Hahn
Occasional Contributor I
Gary Hahn

Re: Block deauth attack with Aruba WIPS

‎04-10-2019 09:51 AM

"me too".   Even in AoS 8.4 it won't allow MFP to be enabled, much to the chagrin of the customer.  Why?  Workaround?

Alert a Moderator
Message 8 of 9
1,014 Views
Reply
0 Kudos
Guru Elite Guru Elite
Guru Elite
cjoseph

Re: Block deauth attack with Aruba WIPS

‎04-10-2019 11:07 AM

What encryption and forwarding mode are you using?  What client are you also using?


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Alert a Moderator
Message 9 of 9
1,004 Views
Reply
0 Kudos
Search Airheads
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

© Copyright 2019 Hewlett Packard Enterprise Development LP
All Rights Reserved.
Powered by Lithium