NETGEAR WNDAP620 Network Router User Manual

Open as PDF

of 172

Management and Monitoring

ProSafe Premium 3 x 3 Dual-Band Wireless-N Access Point WNDAP620

Known client

associating with

ad-hoc network

• Detection. Clients that should be connected to the secured

wireless network are instead connected to wireless access

points that are part of an ad hoc network.

• Res

ult. Wireless security might be compromised.

• Solution.

The clients are disconnected from the ad hoc

network.

0 Trap

AP property

anged

• Detection. Unauthorized changes such as a change of SSID,

security settings, or channel are made on a known wireless

access point in the network.

• Res

ult. Wireless security is compromised and clients cannot

connect to the wireless access point.

Note: The IDS detects that the properties of a known wireless

access poi

nt in the network are changed, but the IPS does not take

action.

The changes that the IDS detects are listed in a table. The affected

wirel

ess access point is identified by its MAC address. To correct

the situation, access the web management interface of the affected

wireless access point, and reverse the changes.

To remove the detected chan

ges from the table:

1. Select the check box to the left of the wireless access point for

which

you want to remove the changes from the table.

2. Above the table, click Delete.

0 Trap

Device probing for

access point

• Detection. Multiple probe requests (30 or more) are sent to

collect information about the wireless access point for possible

future attacks. For example, it is suspect when there are too

many probe requests with a different SSID from same MAC

address.

• Res

ult. An attack might occur, or wireless security might

become compromised.

• Solution. The

wireless access point does not respond to probe

requests that do not contain its SSID.

30 Trap

PS poll flood attack • Attack. Multiple power save (PS)–Poll frames (50 or more) are

sent to the wireless access point from an address that has a

spoofed MAC address of a legitimate client.

• Res

ult. Traffic that is intended for the legitimate client is sent to

the attacking address and is lost.

• Solution. PS-Poll

frames without a corresponding traffic

indication map (TIM) are rejected.

50 Trap

Table 24. IDS/IPS policies and policy rules (continued)

Policy Description Policy Rule

Threshold Notification

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

NETGEAR WNDAP620 Network Router User Manual