Nortel Networks NN47250-500 Switch User Manual

Open as PDF

of 858

726 Rogue detection and counter measures

NN47250-500 (Version 03.01)

IDS log message examples

Table 43 shows examples of the log messages generated by IDS.

Table 43.IDS and DoS log messages

Message Type Example Log Message

Probe message flood Client aa:bb:cc:dd:ee:ff is sending probe message flood.

Seen by AP on port 2, radio 1 on channel 11 with RSSI -53.

Authentication

message flood

Client aa:bb:cc:dd:ee:ff is sending authentication message flood.

Seen by AP on port 2, radio 1 on channel 11 with RSSI -53.

Null data message

flood

Client aa:bb:cc:dd:ee:ff is sending null data message flood.

Seen by AP on port 2, radio 1 on channel 11 with RSSI -53.

Management frame 6

flood

Client aa:bb:cc:dd:ee:ff is sending rsvd mgmt frame 6 message flood.

Seen by AP on port 2, radio 1 on channel 11 with RSSI -53.

Management frame 7

flood

Client aa:bb:cc:dd:ee:ff is sending rsvd mgmt frame 7 message flood.

Seen by AP on port 2, radio 1 on channel 11 with RSSI -53.

Management frame D

flood

Client aa:bb:cc:dd:ee:ff is sending rsvd mgmt frame D message flood.

Seen by AP on port 2, radio 1 on channel 11 with RSSI -53.

Management frame E

flood

Client aa:bb:cc:dd:ee:ff is sending rsvd mgmt frame E message flood.

Seen by AP on port 2, radio 1 on channel 11 with RSSI -53.

Management frame F

flood

Client aa:bb:cc:dd:ee:ff is sending rsvd mgmt frame F message flood.

Seen by AP on port 2, radio 1 on channel 11 with RSSI -53.

Associate request flood Client aa:bb:cc:dd:ee:ff is sending associate request flood on port 2

Reassociate request

flood

Client aa:bb:cc:dd:ee:ff is sending re-associate request flood on port 2

Disassociate request

flood

Client aa:bb:cc:dd:ee:ff is sending disassociate request flood on port 2

Weak WEP

initialization vector

(IV)

Client aa:bb:cc:dd:ee:ff is using weak wep initialization vector.

Seen by AP on port 2, radio 1 on channel 11 with RSSI -53.

Decrypt errors Client aa:bb:cc:dd:ee:ff is sending packets with decrypt errors.

Seen by AP on port 2, radio 1 on channel 11 with RSSI -53.

Spoofed

deauthentication

frames

Deauthentication frame from AP aa:bb:cc:dd:ee:ff is being spoofed.

Seen by AP on port 2, radio 1 on channel 11 with RSSI -53.

Spoofed disassociation

frames

Disassociation frame from AP aa:bb:cc:dd:ee:ff is being spoofed.

Seen by AP on port 2, radio 1 on channel 11 with RSSI -53.

Null probe responses AP aa:bb:cc:dd:ee:ff is sending null probe responses.

Seen by AP on port 2, radio 1 on channel 11 with RSSI -53.

Broadcast

deauthentications

AP aa:bb:cc:dd:ee:ff is sending broadcast deauthentications.

Seen by AP on port 2, radio 1 on channel 11 with RSSI -53.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Nortel Networks NN47250-500 Switch User Manual