Configuring Tarpit Shielding

Tarpit shielding is configured on an AP using one of two methods:

  • Disable all clients : In this method, any client that attempts to associate with an AP marked for containment is sent spoofed frames.
  • Disable non-valid clients : In this method, only non-authorized clients that attempt to associate with an AP are sent to the tarpit.

The choices for disabling Tarpit Shielding on an AP are:

  • Deauth-wireless-containment
  • Deauth-wireless-containment with tarpit-shielding (excluding-valid-clients)
  • Deauth-wireless-containment with tarpit-shielding

This sections provide information on enabling Tarpit Shielding and licensing CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands.

Enabling Tarpit Shielding

The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. command configures Tarpit Shielding (for detailed information on commands refer to the ArubaOS Command Line Reference Guide).

(host) [mynode] (config) #ids general-profile default

(host) [mynode] (IDS General Profile "default") #wireless-containment [deauth-only | none | tarpit-all-sta | tarpit-non-valid-sta]

The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. command displays the updated Tarpit Shielding status and the spoofed frames generated for an AP:

  • show ap monitor stats
  • show ap monitor containment-info

Understanding Tarpit Shielding Licensing CLI Commands

Under the ids general-profile default wireless-containment command, the tarpit-non-valid-sta and tarpit-all-sta options are available only with a RFprotect license. The deauth-only and none options are available with the Base OS license.