I have WCS 126.96.36.199 where as i have very frequent alert about DoS : CTS flood
In channel 60, the system has detected 212 CTS frames in the last minute, which matches the traffic pattern of the form of denial-of-service attack, CTS (Clear-To-Send) attack. A wireless denial-of-service attacker may suspend the wireless media for communication by taking advantage of the privilege of CTS frame to reserve RF medium for transmission. By transmitting back to back CTS frames, an attacker can force other wireless devices sharing the RF medium to hold back its transmission until the attacker stops transmitting the CTS frames.
The system detects the abuse of CTS frames for denial-of-service attack.
If you go security-->wireless protection policy-->standard signature
You will see a list of signatures. Your CTS alert is in one of them, which one is the question. Is my guess ... Unless you have custom one set up ?
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...
I have created a Powershell script to automatically add a Wireless Guest
User on Cisco WLCs. (tested on 2500 Series) The script should be
completely self explanatory. Prerequisites: Powershell SNMP Module
(Install-Module -Name SNMP) SNMP Write Access to y...