I have a site that is experiencing periodic Denial of Service Deauthentication flood attacks. There are WLAN controllers in place that are doing their job as intended. They are isolating the AP that the client is spoofing through and disabling it until the flood stops.
My question ....
what is the best way to isolate, locate and remove the attack source? Should NetStumbler be used or is their a better solution?
thanks as always,