Controller Based WLANs

 View Only
last person joined: one year ago 

APs, Controllers, VIA
Back to Library

What type of 802.11 infrastructure attacks can be detected with ArubaOS 6.0 with WIDS 2.0? 

Jul 05, 2014 05:32 AM

Product and Software: This article applies to all Aruba controllers and ArubaOS 6.0 and later.



These types of 802.11 infrastructure attacks can be detected with ArubaOS 6.0 with WIDS 2.0.


Adhoc Using Valid SSID

  • A client in an adhoc network beacons a reserved valid SSID.
  • This attack is detected by comparing the SSID in the client's beacons with a user-configured list of valid or protected SSIDs.

Broadcast-Disassociation Detection

  • The attacker can disconnect all stations by sending disassociation frames to the broadcast address (FF:FF:FF:FF:FF:FF).
  • This attack is detected using a predefined signature.

CTS/RTS Flood Attack Detection

  • The attacker transmits numerous RTS/CTS frames to launch a DOS attack.
  • This attack is detected if the number of RTS/CTS frames crosses a user-defined threshold within a user-defined time period.

Fake Client Attack Detection

  • Fake AP tools are used to generate many fake clients that fill the user tables.
  • This attack is detected if the number of clients stays above a user-defined threshold for a user-defined time period.

Wellenreiter Detection

  • This tool is a passive wireless network discovery tool that is used to build AP lists.
  • The tool can use active probes for "default SSIDs".
  • This attack is detected using a predefined signature.

Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.