Wireless Instance 20-85
fuzzing-invalid-
management-frame|
fuzzing-invalid-
sequence-
number|identical-source-
and-destination-
addresses|
impersonation-attack-
detected|invalid-8021x-
frames|
non-changing-wep-
iv|replay-injection-
attack|transmitting-
device-using-invalid-
mac| unauthorized-ap-
using-authorized-ssid
|unencrypted-station-
transmission-detected]
• eap-flood eap-flood [enable [authorized|ignored|unauthorized]|
filter-ageout <1-86400>|threshold [mu|radio]] – Monitors EAP flood events.
• eap-nak-flood [enable [authorized|ignored|unauthorized]|
filter-ageout <1-86400>|threshold [mu|radio]] – Monitors EAP-NAK flood –
EAP flood events.
• failures-reported-by-authentication-servers [enable [authorized|ignored|
unauthorized]|filter-ageout <1-86400>|threshold [mu|radio]] – Monitors
failures reported by authentication servers.
• fake-ap-flood [enable [authorized|ignored|unauthorized]|
filter-ageout <1-86400>|threshold [mu|radio]] – Monitors fake AP flood
(based on number of APs observed in a minute).
• frames-from-unassociated-stations [enable [authorized|ignored|
unauthorized]|filter-ageout <1-86400>|threshold [mu|radio]] – Monitors
frames from unassociated stations.
• frames-with-bad-essids [<1-10> <STRING> |enable
[authorized|ignored|unauthorized]|filter-ageout <1-86400>] – Monitors
frames with bad ESSIDs.
• fuzzing-all-zero-mac-address-observed [enable [authorized|ignored|
unauthorized]|filter-ageout <1-86400>|threshold [mu|radio]] – Monitors
fuzzing: all zero MAC address observed.
• fuzzing-invalid-frame-type-detected [enable [authorized|ignored|
unauthorized]|filter-ageout <1-86400>|threshold [mu|radio]] – Monitors
fuzzing: Invalid Frame Type Detected.
• fuzzing-invalid-management-frame [enable [authorized|ignored|
unauthorized]|filter-ageout <1-86400>|threshold [mu|radio]] – Monitors
fuzzing: Invalid Management Frame.
• fuzzing-invalid-sequence-number [enable [authorized|ignored|
unauthorized]|filter-ageout <1-86400>|threshold [mu|radio]] – Monitors
Fuzzing: Invalid Sequence Number.
• identical-source-and-destination-addresses [enable [authorized|ignored|
unauthorized]|filter-ageout <1-86400>|threshold [mu|radio]] – Monitors
identical source and destination addresses
• impersonation-attack-detected [enable [authorized|ignored|
unauthorized]|filter-ageout <1-86400>|threshold [mu|radio]] – Monitors
impersonation attack detected.
• invalid-8021x-frames [enable [authorized|ignored|
unauthorized]|filter-ageout <1-86400>] – Monitors invalid 802.1X frames
• non-changing-wep-iv [enable [authorized|ignored|
unauthorized]|filter-ageout <1-86400] – Monitors non-changing WEP IV
events.
• replay-injection-attack [enable [authorized|ignored|
unauthorized]|filter-ageout <1-86400>|threshold [mu|radio]] – Monitors
replay injection attacks.
• suspicious-ap-high-rssi [signal-strength-threshold <-100-0>|enable
[authorized|ignored|unauthorized]|filter-ageout <1-86400>] – Monitors
suspicious AP - High RSS.
Comments to this Manuals