Specifications
Radio Resource Management 295
Chapter 14
DoS Client Block Time – Specifies the number of seconds a client will be
quarantined from the network after a deauth attack against the client has been
detected. This is used to prevent man-in-the-middle attacks.
The equivalent CLI configuration for the above example is:
stm dos-prevention enable
stm sta-dos-prevention enable
stm sta-dos-block-time 3600
Configuration of RF Monitoring
Coverage Hole Detection
The way we implemented CHD is slightly different. We will generate a CHD
event only if the RSSI of the client is low during association phase.
We don’t do any CHD based on the RSSI of data packets. The way I test is
associate a client (I used CISCO-350) to the AP and moved to around 180ft.
Then Cisco started sending out probe–request around 180ft. And the AP
noticed low RSSI on the probe request and generated CHD event.
You will see now a coverage hole detection (CHD) event in the log.
Our CHD works only when the client is not able to associate.
Coverage hole detection looks for clients unable to associate to any AP,
associating at very low data rates, or associating with low signal strength.
These symptoms indicate areas of a building where holes in radio coverage
exist. When the system detects such coverage holes, the administrator is
notified of the condition via the event log. To configure coverage hole
detection, navigate to
Configuration > RF Management > Monitoring > Coverage
Hole Detection
as shown in the figure below.