Filter
Top Products
640 Rogue detection and counter measures
NN47250-500 (320657-F Version 02.01)
Wireless bridge
A wireless bridge can extend a wireless network outside the desired area. For example, someone can place a wireless
bridge near an exterior wall to extend wireless coverage out into the parking lot, where a hacker could then gain access
to the network.
Ad-Hoc network
An ad-hoc network is established directly among wireless clients and does not use the infrastructure network (a network
using an AP). An ad-hoc network might not be an intentionally malicious attack on the network, but it does steal
bandwidth from your infrastructure users.
Weak WEP key used by client
A weak initialization vector (IV) makes a WEP key easier to hack. WSS Software alerts you regarding clients who are
using weak WEP IVs so that you can strengthen the encryption on these clients or replace the clients.
Disallowed devices or SSIDs
You can configure the following types of lists to explicitly allow specific devices or SSIDs:
• Permitted SSID list—WSS Software generates a message if an SSID that is not on the list is detected.
• Permitted vendor list—WSS Software generates a message if an AP or wireless client with an OUI that is not on the
list is detected.
• Client black list—WSS Software prevents clients on the list from accessing the network through a WSS. If the
client is placed on the black list dynamically by WSS Software due to an association, reassociation or
disassociation flood, WSS Software generates a log message.
By default, these lists are empty and all SSIDs, vendors, and clients are allowed. For more information, see “Summary
of rogue detection features” (page 630).
Displaying statistics counters
To display IDS and DoS statistics counters, use the show rfdetect counters commands. (See “Displaying statistics
counters” (page 640).)