No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S12700 V200R013C00 Command Reference

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
spoof-ssid

spoof-ssid

Function

The spoof-ssid command configures a fuzzy matching rule for spoofing SSIDs.

The undo spoof-ssid command deletes a fuzzy matching rule for spoofing SSIDs.

By default, no fuzzy matching rule is configured for spoofing SSIDs.

Format

spoof-ssid fuzzy-match regex regex-value

undo spoof-ssid { fuzzy-match regex regex-value | all }

Parameters

Parameter

Description

Value

fuzzy-match

Configure a fuzzy matching rule to identify spoofing SSIDs.

-

regex regex-value

Specifies the regular expression for an SSID. If an SSID matches the regular expression, the SSID is considered a spoofing SSID.

The value is in text format and can contain 1 to 48 case-sensitive characters. It supports Chinese characters or mixture of Chinese and English characters.

NOTE:

You can only use a command editor of the UTF-8 encoding format to edit Chinese characters.

all

Delete all fuzzy matching rules.

-

Views

WIDS spoof SSID profile view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

WLAN services are available in public places, such as banks and airports. Users can connect to the WLANs after associating with corresponding SSIDs. If a rogue AP is deployed and provides spoofing SSIDs similar to authorized SSIDs, the users may be misled and connect to the rogue AP, which brings security risks. To address this problem, configure a fuzzy matching rule to identify spoofing SSIDs. The device compares a detected SSID with the matching rule. If the SSID matches the rule, the SSID is considered a spoofing SSID. The AP using the spoofing SSID is a rogue AP. After rogue AP containment is configured, the device contains the rogue AP and disconnects users from the spoofing SSID.

Precautions

To make fuzzy matching rules for spoofing SSIDs take effect, enable device detection and rogue device containment so that the device can take countermeasures against rogue APs.

Example

# Configure a fuzzy matching rule using the regular expression ^HUAWE[1l]$ to identify spoofing IDs HUAWE1 or HUAWEl similar to HUAWEI.

<HUAWEI> system-view
[HUAWEI] wlan 
[HUAWEI-wlan-view] wids-spoof-profile name huawei 
[HUAWEI-wlan-wids-spoof-huawei] spoof-ssid fuzzy-match regex ^HUAWE[1l]$
Translation
Download
Updated: 2019-04-09

Document ID: EDOC1100065659

Views: 116978

Downloads: 83

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next