Due to the lack of centralized identity management and the broadcast nature of wireless ad hoc networks, identity attacks are always tempting. The attackers can create multiple illegitimate (arbitrary or spoofed) identities on their physical devices for various malicious reasons, such as to launch Denial of Service attacks and to evade detection and accountability. In one scenario, the attacker creates more than one identity on a single physical device, which is called a Sybil attack. In the other one, the attacker creates cloned/replicated nodes. We refer collectively to these attacks as identity attacks. Using these malicious techniques, the attacker would perform activities in the network for which the attacker may not be authorized. In the existing literature, these attacks are often counteracted separately. However, in this paper, we propose a solution to counteract both attacks jointly. Our proposed scheme uses the received signal strength for the detection without using extra hardware (such as GPS, antennae or air monitors) and centralized entities (such as trusted third party or certification authority). Upon the detection of malicious identities, they will be quarantined and will be blacklisted for future data communication by the mobile nodes. Our proposed attack detector detects the presence of Sybil attacks and replication attacks locally by analysing the received signal strength captured by each node. Moreover, we propose a technique that will identify these attacks in the overall network. In both local and global cases, we evaluate our solutions theoretically and via simulation in NS-2. The obtained results demonstrate that it is possible to detect identity attacks with considerable accuracy without causing extra overhead in the form of extra hardware, periodic beacons or expensive localization operations in the wireless ad hoc networks.