On an average day it looks like we see in the ballpark of 1800 'Block ACK Attack' picked up by Airwave IDS. This number clearely seems large so I started looking in to it, only to find a common Mac between 97% of them. On Further Inspection, that mac was my Firewall.
I suppose my first question is. What is a Block Ack Attack? I assume it is when an Acknolwedge Packet is dropped before reaching it's destination, but I haven't seen many resources on it.
Second question. Is there any particular reason that many of these would be 'targeting' my Firewall?
Any suggestion on cleaning up this attack count? I assume we are not really begin attacked by what looks to be a majority of our users.