Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

WLC Standard Signatures

Hi,

According to Cisco, the WLC has 17 built-in standard attack signatures.

In order for IPS signatures updates etc, a separate cisco IPS is to be used. Due to budget constrains, my client is eliminating buying a cisco IPS.

There is a request for me to show that the existing standard 17 signatures do work on the WLC.

A few signatures includes:

1. Broadcast Deauthentication Frame

2. Association/Authentication Request Flood

3. Deauthentication Flood.

May i know how i can simulate these attacks so that it get picked up by the WLC

3 REPLIES
Community Member

Re: WLC Standard Signatures

I used the Airpcap EX adapter from CaceTech to do exactly what you described.

http://www.cacetech.com/products/airpcap-ex.htm

The aircrack -ng code works with the Airpcap adapter. Generating some basic denial of service attacks is fairly easy. That is how I validated the alarms on the WLC.

Silver

Re: WLC Standard Signatures

The BackTrack live CD is an excellent recource for penetration testing tools.

http://www.remote-exploit.org/backtrack.html

Community Member

Re: WLC Standard Signatures

hi

THanks for your information

Did u also only have the standard 17 signatures on your WLC? I assume by enabling "Enable check for all Standard and Custom Signatures" does it all, any attacks will be shown on the trap logs

494
Views
0
Helpful
3
Replies
CreatePlease to create content