Specifications

IDS and DoS Alerts

RoamAbout Mobility System Software Configuration Guide 22-15

Disallowed Devices or SSIDs

YoucanconfigurethefollowingtypesofliststoexplicitlyallowspecificdevicesorSSIDs:

• PermittedSSIDlist—MSSgeneratesamessageifanSSIDthatisnotonthelistisdetected.

• Permittedvendorlist—MSSgeneratesamessageifanAPorwirelessclientwithanOUIthat

isnotonthe

listisdetected.

•Clientblacklist—MSSpreventsclientsonthelistfromaccessingthenetworkthroughaRAS.

IftheclientisplacedontheblacklistdynamicallybyMSSduetoanassociation,reassociation

ordisassociationflood,MSSgeneratesalogmessage.

Bydefault,theselistsareemptyandall

SSIDs,vendors,andclientsareallowed.Formore

information,see“SummaryofRogueDetectionFeatures”onpage 22‐5.

Displaying Statistics Counters

TodisplayIDSandDoSstatisticscounters,usetheshowrfdetectcounterscommands.(See

“DisplayingStatisticsCounters”onpage 22 ‐15.)

IDS Log Message Examples

Table 22‐2showsexamplesofthelogmessagesgeneratedbyIDS.

Table 22-2 IDS and DoS Log Messages

Message Type Example Log Message

Probe message flood Client aa:bb:cc:dd:ee:ff is sending probe message flood.