As crazy as it seems the title of this message is what we are seeing on a wireless network. That SSID is no where on this network and never has been. However, we are seeing it be used by numerous clients, which are carts with a small form factor PC by Flo Healthcare Systems. We use a Cisco PCI card for wireless connectivity. It has one profile using EAP-Fast for security and one SSID.
Airmagnet clearly shows the client trying to use this in a login attempt from traces and decodes.
Anyone know how or where this could be coming from? We have done registry searches and actually found it in the registry, and deleted it only to have it re-surface and be used again.
Min Loc: Lat 90.000000 Lon 180.000000 Alt 0.000000 Spd 0.000000
Max Loc: Lat -90.000000 Lon -180.000000 Alt 0.000000 Spd 0.000000
This is part of a text file posted from a "War Driver" that has discovered the same network.Maybe the mac-address or something else here may point you in the right direction. Notice no WEP encryption on the AP.
We have come to find out this maybe imbedded on the chipset by Atheros. The crazy part is the only profile for these clients is one with obviously a different SSID.
We have seen this on Airmagnet as well, and the clients contiuously use this in their Probe Request over and over and over..... Then they time out.
We are using EAP-FAST and it is driving us crazy. We have opened 2 TAC cases explaining this and no results on why this is continually happening. There will be plenty of times the clients never put this in their Probe Requests.