Specifications

Configuring Rogue Detection Lists

22-8 Rogue Detection and Countermeasures

ToremoveanSSIDfromthepermittedSSIDlist,usethefollowingcommand:

clear rfdetect ssid-list ssid-name

ThefollowingcommandclearsSSIDmycorpfromthepermittedSSIDlist:

RBT-8100# clear rfdetect ssid-list mycorp

success: mycorp is no longer in ssid-list.

Configuring a Client Black List

Theclientblacklistspecifiesclientsthatarenotallowedonthenetwork.MSSdropsallpackets

fromtheclientsontheblacklist.

Bydefault,theclientblacklistisempty.Inadditiontomanuallyconfiguredentries,thelistcan

containentriesaddedbyMSS.MSScanplaceaclient

intheblacklistduetoanassociation,

reassociationordisassociationfloodfromtheclient.

TheclientblacklistappliesonlytotheRoamAboutSwitchonwhichthelistisconfigured.

RoamAboutswitchesdonotshareclientblacklists.

Toaddanentrytothelist,usethefollowingcommand:

set rfdetect black-list mac-addr

Examples

ThefollowingcommandaddsclientMACaddress11:22:33:44:55:66totheblacklist:

RBT-8100# set rfdetect black-list 11:22:33:44:55:66

success: MAC 11:22:33:44:55:66 is now blacklisted.

Todisplaytheclientblacklist,usethefollowingcommand:

show rfdetect black-list

ThefollowingexampleshowstheclientblacklistonRoamAboutSwitch:

RBT-8100# show rfdetect black-list

Total number of entries: 1

Blacklist MAC Type Port TTL

----------------- ----------------- ------- ---

11:22:33:44:55:66 configured - -

11:23:34:45:56:67 assoc req flood 3 25