cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
782
Views
5
Helpful
7
Replies

Security alerts on IDS Signature attacks

leo_zidane
Level 1
Level 1

I keep receiving alerts of IDS attacks on my wireless controllers as notified by my WCS. How can i stop these attacks?

1 Accepted Solution

Accepted Solutions

Really nothing much more. Follow best practices and secure your wireless as best you can. If that's creating ACL's in your infrastructure then that is what you will have to do. What you have to ask is how secure is your LAN. Can someone plug into a port in the lobby an get on your network? there are many ways to hack into a network, you just have to secure it as much as you can.

-Scott
*** Please rate helpful posts ***

View solution in original post

7 Replies 7

Scott Fella
Hall of Fame
Hall of Fame

You can download from the controller the signature files and edit the file but changing the vlaues or deleting the signature. Then just upload that back to the controller.

-Scott
*** Please rate helpful posts ***

I means is that my WCS keeps having alerts on IDS attacks, how can i actually enhance my security to block these attackers initializing the attacks?

Thanks

The thing is, you have to see if this is a positive attack or not. The WLC isn't a true IDS and that is why I say just adjust the file. How you enhance your wlan is to follow best practices and make sure your wireless is as secure as possible (SSID authentication). Especially if your located in a downtown building with wireless all around you, it is hard to determine that. It's not like you can stop them from trying, you just have to secure your network from them hacking in....

-Scott
*** Please rate helpful posts ***

Can i just disable the client mac address and enable the client exclusion on the WLC. I know that for disabling of mac address to work you must enable the client exclusion.

Am i right? Will these enhance the security?

You can do that if you like. I would enable client exclusion first to see if you even get any excluded clients. then proceed with disabling the mac address of the client. Of course... make sure those are not any of your users.

-Scott
*** Please rate helpful posts ***

Besides this, what will you think that can further enhance the wireless security?

Really nothing much more. Follow best practices and secure your wireless as best you can. If that's creating ACL's in your infrastructure then that is what you will have to do. What you have to ask is how secure is your LAN. Can someone plug into a port in the lobby an get on your network? there are many ways to hack into a network, you just have to secure it as much as you can.

-Scott
*** Please rate helpful posts ***
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: