NETGEAR ProSafe Premium WNDAP620 Reference Manual page 91

Prosafe premium 3 x 3 dual-band wireless-n access point

Hide thumbs Also See for ProSafe Premium WNDAP620:

Installation manual (2 pages)

Installation manual (28 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

Table of Contents

ProSafe Premium 3 x 3 Dual-Band Wireless-N Access Point WNDAP620

Table 24. IDS/IPS policies and policy rules (continued)

Policy

Description

EAPOL-start attack

•

Attack. Multiple EAPOL start frames (5 or more) are sent to the

wireless access point to initiate the RADIUS authentication

process for clients.

•

Result. Wireless service is disrupted.

•

Solution. The wireless access point determines if the legitimate

clients have already been authenticated before processing

EAPOL start frames.

EAPOL-logoff attack •

Attack. Several EAPOL logoff frames (2 or more) that use the

spoofed MAC address of a legitimate client are sent to the

wireless access point to terminate a RADIUS-authenticated

session.

•

Result. The client is disconnected from the wireless access

point.

•

Solution. The wireless access point determines if it still

receives traffic from the client before disconnecting the client.

Premature EAP

•

Attack. Several premature EAP failure frames (2 or more) are

failure attack

sent to a legitimate client to suggest RADIUS authentication

failure.

•

Result. The client cannot be authenticated and cannot connect

to the wireless access point.

Note:

against this attack.

Premature EAP

•

Attack. Several premature EAP success frames (2 or more) are

success attack

sent to a legitimate client to suggest RADIUS authentication

success.

•

Result. The client cannot be authenticated and cannot connect

to the wireless access point.

Note:

against this attack.

CTS flood

•

Attack. Multiple clear-to-send (CTS) frames (60 or more) are

sent to the wireless access point.

•

Result. Wireless service is disrupted.

•

Solution. The wireless access point sends a channel change

frame to the legitimate clients and uses automatic channel

selection to switch to a new clear channel.

RTS flood

•

Attack. Multiple request-to-send (RTS) frames (60 or more) are

sent to the wireless access point.

•

Result. Wireless service is disrupted.

•

Solution. The wireless access point sends a channel change

frame to the legitimate clients and uses automatic channel

selection to switch to a new clear channel.

The IDS detects this attack, but the IPS does not take action

Management and Monitoring

Policy Rule

Threshold

Notification

Trap

Table of Contents

NETGEAR ProSafe Premium WNDAP620 Reference Manual page 91

Related Manuals for NETGEAR ProSafe Premium WNDAP620

Related Products for NETGEAR ProSafe Premium WNDAP620

Table of Contents