Users Guide
Parameter Description Range Default
rts-rate-threshold
Number of RTS control
packets over the time
interval that constitutes an
anomaly.
0-100000 5000
rts-rate-time-interval
Time interval, in seconds,
over which the packet count
should be checked.
1-120
seconds
5
second
s
spoofed-deauth-blacklist
Enables detection of a
deauth attack initiated
against a client associated to
an AP. When such an attack
is detected, the client is
quarantined from the
network to prevent a man-in-
the-middle attack from being
successful.
true
false
false
tkip-replay-quiet-time
Time to wait, in seconds,
after detecting a TKIP replay
attack after which the check
can be resumed.
60-360000
seconds
900
second
s
Usage Guidelines
DoS attacks are designed to prevent or inhibit legitimate clients from accessing the network. This includes
blocking network access completely, degrading network service, and increasing processing load on clients and
network equipment.
Example
The following command enables a detection in the DoS profile named “floor2”:
(host) (config) #ids dos-profile floor2
(host) (IDS Denial Of Service Profile "floor2") detect-ap-flood
Command History
Release Modification
ArubaOS 3.0 Command Introduced.
ArubaOS 3.3 Updated with support for high-throughput IEEE 802.11n standard.
ArubaOS 3.4 detect-disconnect-sta and disconnect-sta-quiet-time parameters deprecated.
Dell Networking W-Series ArubaOS 6.4.x | User Guide ids dos-profile | 428