Filter
Top Products
702 Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide
53-1001931-01
Wireless configuration commands
20
Example
RFController(config-wireless)#wips event 80211-replay-check-failure enable
authorized
RFController(config-wireless)#
RFController(config-wireless)#wips event fake-ap-flood threshold 88
RFController(config-wireless)#
RFController(config-wireless)#wips event ad-hoc-advertising-authorized-ssid
filter-ageout 9
RFController(config-wireless)#
wips events
[identical-source-and-destina
tion-addresses |
impersonation-attack-detect
ed|non-changing-wep-iv|rep
lay-injection-attack |
suspicious-ap-high-rssi|tkip-
mic-counter-measures-cause
d-by-station
|transmitting-device-using-in
valid-mac
|unauthorized-ap-using-auth
orized-ssid|unencrypted-stat
ion-transmission-detected]
{enable|filter-out|threshold}
{authorized|ignored|unauth
orized}
• fake-ap-flood– Detects suspected ap flood (based on number
of APs observed in a minute)
• frames-from-unassociated-stations – Detects frames from
unassociated stations
• frames-with-bad-essids – filter-ageout <1-86400> – Detects
filters age-out duration for the mobile unit frames with bad
essids
• fuzzing-all-zero-mac-address-observed– Fuzzing: All zero MAC
address Observed
• fuzzing-invalid-frame-type-detected– Fuzzing: Invalid Frame
Type Detected
• fuzzing-invalid-management-frame – Fuzzing: Invalid
Management Frame
• fuzzing-invalid-sequence-number – Fuzzing: Invalid Sequence
Number
• identical-source-and-destination-addresses – Detects
identical source and destination addresses
• impersonation-attack-detected – Detects impersonation
attack
• invalid-8021x-frames – Detects invalid 802.1X frames
• non-changing-wep-iv – Detects non-changing wepiv
• replay-injection-attack – Detects replay injection attack
• suspicious-ap-high-rssi – Detects suspicious ap -high rssi
• tkip-mic-counter-measures-caused-by-station – Filters mobile
units causing tkip mic counter measures
• transmitting-device-using-invalid-mac – Detects transmitting
device using invalid MAC
• unauthorized-ap-using-authorized-ssid – Detects
unauthorized ap using authorized ssid
• unencrypted-station-transmission-detected – Detects
unencrypted wired leakage
For the above parameters, the following values are set.
• enable – Enables monitoring, filtering and triggering
alarms
• filter-ageout <ageout> – Sets the number of seconds
mobile units are filtered in the range <1-86400>
• threshold<1-65535> – Configures the threshold of
events allowed in the detection window
• authorized – Triggers against authorized devices
• ignored – Triggers against ignored devices
• unauthorized – Triggers against unauthorized
devices
reset-to-default Reset to default settings