The spoof-ssid command configures a fuzzy matching rule for spoofing SSIDs.
The undo spoof-ssid command deletes a fuzzy matching rule for spoofing SSIDs.
By default, no fuzzy matching rule is configured for spoofing SSIDs.
spoof-ssid fuzzy-match regex regex-value
undo spoof-ssid { fuzzy-match regex regex-value | all }
Parameter |
Description |
Value |
|---|---|---|
fuzzy-match |
Configures a fuzzy matching rule to identify spoofing SSIDs. |
- |
regex regex-value |
Specifies the regular expression for an SSID. If an SSID matches the regular expression, the SSID is considered a spoofing SSID. |
The value is in text format and can contain 1 to 48 case-sensitive characters. It supports Chinese characters or mixture of Chinese and English characters. NOTE:
You can only use a command editor of the UTF-8 encoding format to edit Chinese characters. |
all |
Deletes all fuzzy matching rules. |
- |
Usage Scenario
WLAN services are available in public places, such as banks and airports. Users can connect to the WLANs after associating with corresponding SSIDs. If a rogue AP is deployed and provides spoofing SSIDs similar to authorized SSIDs, the users may be misled and connect to the rogue AP, which brings security risks. To address this problem, configure a fuzzy matching rule to identify spoofing SSIDs. The device compares a detected SSID with the matching rule. If the SSID matches the rule, the SSID is considered a spoofing SSID. The AP using the spoofing SSID is a rogue AP. After rogue AP containment is configured, the device contains the rogue AP and disconnects users from the spoofing SSID.
Precautions
To make fuzzy matching rules for spoofing SSIDs take effect, enable device detection and rogue device containment so that the device can take countermeasures against rogue APs.
# Configure a fuzzy matching rule using the regular expression ^HUAWE[1l]$ to identify spoofing SSIDs HUAWE1 or HUAWEl similar to HUAWEI.
<HUAWEI> system-view [HUAWEI] wlan [HUAWEI-wlan-view] wids-spoof-profile name huawei [HUAWEI-wlan-wids-spoof-huawei] spoof-ssid fuzzy-match regex ^HUAWE[1l]$