You are here: Home > CLI Commands > Just_CLI_Topics > show ids impersonation-profile

show ids impersonation-profile

show ids impersonation-profile <profile-name>

Description

Display an IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network. Impersonation Profile.

Syntax

Parameter

Description

<profile-name>

Name of an IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network. Impersonation profile.

Usage Guidelines

Issue this command without the <profile-name> parameter to display the IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network. Impersonation profile list. Include a profile name to display detailed configuration information for that profile.

Examples

The example below displays that the Mobility Master has five configured Impersonation profiles.

(host) [mynode] (config) #show ids impersonation-profile

 

IDS Impersonation Profile List

------------------------------

Name References Profile Status

---- ---------- --------------

default 4

test 0

test1 1

Wizard-test 1

Wizard-test2 1

 

Total:5

In the example above, the Reference column indicates the number of references to the profile named in the Name column. The Profile Status column is blank unless the rule is predefined.

The example below displays the configuration settings for the profile test1.

(host) (config) #show ids impersonation-profile test1

 

IDS Impersonation Profile "test1"

---------------------------------

Parameter Value

--------- -----

Detect AP Impersonation false

Protect from AP Impersonation false

Beacon Diff Threshold 50 %

Beacon Increase Wait Time 3 sec

Detect AP Spoofing true

Detect Beacon Wrong Channel false

Beacon Wrong Channel Detection Quiet Time 900 sec

Detect Hotspotter Attack true

Hotspotter Quiet Time 900 sec

The output of this command includes the following parameters:

Parameter

Description

Detect AP Impersonation

Shows of the profile has enabled or disabled detection of AP impersonation.

Protect from AP Impersonation

Shows if AP impersonation is enabled or disabled for the profile. When AP impersonation is detected, both the legitimate and impersonating AP are disabled using a DoSDenial of Service. DoS is any type of attack where the attackers send excessive messages to flood traffic and thereby preventing the legitimate users from accessing the service. attack.

Beacon Diff Threshold

Percentage increase in beacon rates that triggers an AP impersonation event.

Beacon Increase Wait Time

Time, in seconds, after the beacon difference threshold is crossed before an AP impersonation event is generated.

Detect AP Spoofing

AP Spoofing detection is enabled

Detect Beacon Wrong Channel

Disable detection of beacons advertising the incorrect channel

Beacon Wrong Channel Detection Quiet Time

Wait 90 seconds after detecting a beacon with the wrong channel after which the check can be resumed.

Detect Hotspotter Attack

Enable detection of the Hotspotter attack to lure away valid clients.

Hotspotter Quiet Time

Wait 90 seconds after detecting an attempt to Use the Hotspotter tool against clients.

Related Commands

Command

Description

ids impersonation-profile

This command configure IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network. impersonation profiles.

Command History

Release

Modification

ArubaOS 8.0.0.0

Command Introduced.

Command Information

Platforms

License

Command Mode

Available on all platforms

Requires the RFprotect license.

Config mode on Mobility Master.

/*]]>*/