Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

Malicious Packets and WAPs in CSA

Can anyone tell me what Cisco defines as a "malicious packet"? We're getting an Alert about every couple hours in CSA flagging a malicious packet sent from each WAP to 224.0.0.1.

For more information, here's the exact message, with the IP of the WAP blanked out:

A packet with malicious content was detected. Reason: Malicious packet. IGMP: *WAP IP address*->224.0.0.1 type 0x11. The operation was denied.

The other strange thing is that we are running two test computers over wireless, but only one is generating the errors.

Any idea what this might be?

1 REPLY
New Member

Re: Malicious Packets and WAPs in CSA

My CSA wireless clients were also logging this message. I'm not sure what is causing it, I created a rule to ignore the messages. Blocking it doesn't seem to break any wireless activity.

329
Views
0
Helpful
1
Replies
CreatePlease to create content