Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
501
Views
0
Helpful
1
Replies

WCS Alarms

krishanmistry
Level 1
Level 1

‎09-03-2008 01:37 AM - edited ‎07-03-2021 04:24 PM

We have deployed Wireless in a few offices as a proof of concept and we have started to get the following alarm at one site:

The AP '00:1f:ca:2e:59:a0' with protocol '802.11b/g' on Controller '#.#.##.#' received a message with a large NAV field and all traffic on the channel has been suspended. This is most likely a malicious denial of service attack.

The above is continually being reported on a couple (but not all) APs at this office.

In addition do you have any info/comment on the following:

· Big NAV Attack detected.

· Auth/De-auth floods i.e. "IDS 'Auth flood' Signature attack detected".

· Assoc/Deassoc flood i.e. "IDS 'Assoc flood' Signature attack detected".

Many Thanks

Labels:
0 Helpful
1 Reply 1

carenas123
Level 5
Level 5

‎09-09-2008 08:27 AM

Here is the URL for the Alarms and Events for the WCS. Following guide will help you for the Events and Alarms :

http://www.cisco.com/en/US/docs/wireless/wcs/4.1/configuration/guide/wcsevent.html

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card