08-15-2008 09:53 AM - edited 07-03-2021 04:19 PM
Hi,
Recently, I deployed a Cisco Unified WLAN solution w/ WLC, LAP, WCS and ACS. The customer concerns about security very much. They want a security penetration test over the whole WLAN system.
However, I am confused by testing about WLC internal IDS signature pack.
How can I test the IDS signature pack? Do you have any suggestion?
You may refer to following URL for the topics that I'm talking about.
http://www.cisco.com/en/US/docs/wireless/controller/5.1/configuration/guide/c51sol.html#wp1537821
08-21-2008 10:08 AM
Please have a look at comm. view for wifi, It is used to replay packets into wifi network .You can specify the frequency pattern /No of packets per sec etc etc . The settings on the tool depends on the signature pattern/ frequency of the attack . The tool also has an option to capture packets and replay it and it is easy to work with.
09-04-2008 11:35 PM
hi,
I can't use Comm view for Wifi because my Commview packet capture driver cannot support my network adapter.
I finally did a researh with Linux-based WLAN attack tools called "Auditor Live CD" and "BackTrack3 Live CD". I can launch WLAN Deauthen / Deassoc flood by File2Air over my TP-Link Atheros chipset WLAN adapter.
Finally, the MFP protection engine in WLC can fire alert.
Thanks
Leon Lai
09-04-2008 11:35 PM
hi,
I can't use Comm view for Wifi because my Commview packet capture driver cannot support my network adapter.
I finally did a researh with Linux-based WLAN attack tools called "Auditor Live CD" and "BackTrack3 Live CD". I can launch WLAN Deauthen / Deassoc flood by File2Air over my TP-Link Atheros chipset WLAN adapter.
Finally, the MFP protection engine in WLC can fire alert.
Thanks
Leon Lai
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide