User's Manual Part 2
48 Configuring the Extricom WLAN System
Table 14: IDS Tab
Field Description
Enable Enables Intrusion detection
Duration Attack
Enable Enable - tick duration attack check box
Duration Attack WLAN devices reserve the channel for a particular period of
time and then start using the radio channel. This reservation of
channel is for a particular period of time. This time period is the
Network Allocation Vector (NAV) in the 802.11 .By using high
NAV values an attacker can prevent other WLAN devices to
utilize the wireless network.
Check box 11b/g , 11a The Max NAV period after which attack is discovered.
Flood attacks
Malicious users can flood the WLAN with 802.11 management messages
Events thresholds Number of events per second
Per station Number of time a specific event is allowed during the event
threshold. Each of the possible attack types listed below is
assigned a limit per station.
All station Number of times a specific event is allowed during the event
threshold. Each of the possible attack types listed below is
assigned with a limit to all stations
Authentication Flood Flooding the WLAN with authentication requests
De-Authentication
Flood
Flooding the WLAN with De-authentication requests
Association Flood Flooding the WLAN with association requests
Dis-Association Flood Flooding the WLAN with Dis-association - requests
Invalid Authentication
Request
Flooding the WLAN with Invalid authentication requests
EAPOL Start Flooding the WLAN with EAP authentication ”EAPOL Start”
EAPOL Logoff Flooding the WLAN with EAP authentication ”EAPOL Logoff”