Filter
Top Products
634 Rogue detection and counter measures
NN47250-500 (320657-F Version 02.01)
To display the client black list, use the following command:
show rfdetect black-list
The following example shows the client black list on a WSS:
WSS# show rfdetect black-list
Total number of entries: 1
Blacklist MAC Type Port TTL
----------------- ----------------- ------- ---
11:22:33:44:55:66 configured - -
11:23:34:45:56:67 assoc req flood 3 25
To remove a MAC address from the client black list, use the following command:
clear rfdetect black-list mac-addr
The following command removes MAC address 11:22:33:44:55:66 from the black list:
WSS# clear rfdetect black-list 11:22:33:44:55:66
success: 11:22:33:44:55:66 is no longer blacklisted.
Configuring an attack list
The attack list specifies the MAC addresses of devices that WSS Software should issue countermeasures against
whenever the devices are detected on the network. The attack list can contain the MAC addresses of APs and clients.
By default, the attack list is empty. The attack list applies only to the WSS on which the list is configured. WSSs do not
share attack lists.
When on-demand countermeasures are enabled, only those devices configured in the attack list are subject to counter-
measures. In this case, devices found to be rogues by other means, such as policy violations or by determining that the
device is providing connectivity to the wired network, are not attacked.
To add an entry to the attack list, use the following command:
set rfdetect attack-list mac-addr
The following command adds MAC address aa:bb:cc:44:55:66 to the attack list:
WSS# set rfdetect attack-list 11:22:33:44:55:66
success: MAC 11:22:33:44:55:66 is now in attacklist.
To display the attack list, use the following command:
show rfdetect attack-list
The following example shows the attack list on a switch:
WSS# show rfdetect attack-list
Note. If you are using on-demand countermeasures in a Mobility Domain, you should
synchronize the attack lists on all the WSSs in the Mobility Domain. See “Using on-demand
countermeasures in a Mobility Domain” (page 637).