Is frecuently find in the enterprise WCS the following message
"IDS 'Deauth flood' Signature attack detected on AP 'XXXXXXX'protocol '802.11b/g' on Controller 'x.x.x.x'.
The Signature description is 'Deauthentication flood', with precedence '9'.
The attacker's mac address is 'xx:xx:xx:xx:xx:xx', channel number is '1', and the number of detections is '300'"
For security prouposes I changed the IP and MAC addresses.
The MAC address shown in the message is a Base Radio MAC from an AP controlled by the same WLC, which is sending the warning.
I read about a bug with a similar message but it's solved in the version 220.127.116.11 but this WLC has the 18.104.22.168 version and it's not shown in the release notes or bug toolkit.
Anybody can help me ? !