NETGEAR ProSafe Premium WNDAP620 Reference Manual page 90

Prosafe premium 3 x 3 dual-band wireless-n access point

Hide thumbs Also See for ProSafe Premium WNDAP620:

Installation manual (2 pages)

Installation manual (28 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

Table of Contents

ProSafe Premium 3 x 3 Dual-Band Wireless-N Access Point WNDAP620

Table 24. IDS/IPS policies and policy rules (continued)

Policy

Description

Unauthenticated

•

Attack. Multiple unauthenticated association requests (5 or

association

more) that use spoofed MAC addresses of legitimate clients are

sent to the wireless access point.

•

Result. The client association table overflows, causing

authentication requests from legitimate clients to be denied.

•

Solution. The oldest clients that are stuck in the authentication

phase are removed from the table.

Association table

•

Attack. Multiple clients (5 or more) that use spoofed MAC

overflow

addresses of legitimate clients attempt to connect to the

wireless access point.

•

Result. The client association table overflows, causing

association requests from legitimate clients to be denied.

•

Solution. The oldest associations are removed from the table.

Authentication

•

Attack. Multiple invalid authentication requests (5 or more) that

failure attack

use the spoofed MAC address of a legitimate client are sent to

the wireless access point.

•

Result. The client is disconnected from the wireless access

point.

•

Solution. The wireless access point determines if the legitimate

client is already connected before processing an authentication

request.

Deauthentication

•

Attack. Multiple deauthentication frames (5 or more) that use

broadcast attack

the spoofed MAC address of the wireless access point are sent

to legitimate clients.

•

Result. Clients are disconnected from the wireless access

point.

Note:

against this attack.

Disassociation flood •

Attack. Multiple disassociation frames (5 or more) that use the

spoofed MAC address of the wireless access point are sent to a

legitimate client.

•

Result. The client is disconnected from the wireless access

point.

Note:

against this attack.

Malformed 802.11

•

Detection. Multiple malformed packets (5 or more) are sent to

packets detected

the wireless access point.

•

Result. Clients behave unexpectedly or crash.

•

Solution. The wireless access point drops the malformed

packets.

The IDS detects this attack, but the IPS does not take action

Management and Monitoring

Policy Rule

Threshold

Notification

Trap

Table of Contents

NETGEAR ProSafe Premium WNDAP620 Reference Manual page 90

Related Manuals for NETGEAR ProSafe Premium WNDAP620

Related Products for NETGEAR ProSafe Premium WNDAP620

Table of Contents