We have deployed Wireless in a few offices as a proof of concept and we have started to get the following alarm at one site:
The AP '00:1f:ca:2e:59:a0' with protocol '802.11b/g' on Controller '#.#.##.#' received a message with a large NAV field and all traffic on the channel has been suspended. This is most likely a malicious denial of service attack.
The above is continually being reported on a couple (but not all) APs at this office.
In addition do you have any info/comment on the following:
· Big NAV Attack detected.
· Auth/De-auth floods i.e. "IDS 'Auth flood' Signature attack detected".
· Assoc/Deassoc flood i.e. "IDS 'Assoc flood' Signature attack detected".
Many Thanks