Hello to all.
Im trying something with hotspot service .
If i found the mac address of a connected client and spoof my mac to active client mac i can connect to the network .
How can i avoid that ?
You should be able to set max hotspot sessions to 1, and ensure hotspot Route poisoning is turned on to stop un-authed clients starting a mac/ip port scan.
Turn on arp-poisoning by making sure the address pool to none ip range in hotspot->server.
Arp poisoning can cause some issues with network printers on the same lan segment( you can use different ip subnet on your printers, with some natting as a workaround, and or add them to the walled garden)..
There are other ways to stop this too such as layer 3 switches to client side to stop lan scans. and a few other ways e.g pppoe server/client your hotspot. etc etc…