https://community.cisco.com/t5/wireless/wlc-deauthentication-flood-attack/m-p/2475153#M6710 <P>I would like to know what actions can take a Wireless Lan Controller when one of the register Access Points receives an Authentication, Deauthentication or a Disassociation Flood Attack.</P><P></P><P>Also i would like to know what can be the best practices to mitigate these attacks.</P><P></P><P>Thanks a lot.</P> Mon, 05 Jul 2021 07:12:43 GMT Diego Prada 2021-07-05T07:12:43Z https://community.cisco.com/t5/wireless/wlc-deauthentication-flood-attack/m-p/2475153#M6710 <P>I would like to know what actions can take a Wireless Lan Controller when one of the register Access Points receives an Authentication, Deauthentication or a Disassociation Flood Attack.</P><P></P><P>Also i would like to know what can be the best practices to mitigate these attacks.</P><P></P><P>Thanks a lot.</P> Mon, 05 Jul 2021 07:12:43 GMT https://community.cisco.com/t5/wireless/wlc-deauthentication-flood-attack/m-p/2475153#M6710 Diego Prada 2021-07-05T07:12:43Z https://community.cisco.com/t5/wireless/wlc-deauthentication-flood-attack/m-p/2475154#M6711 <HTML><HEAD></HEAD><BODY><P>Refer you to Rogue Management, Attack Detection and Threat Mitigation document.</P><P></P><P><A class="jive-link-wiki-small" href="https://community.cisco.com/docs/DOC-21899">https://supportforums.cisco.com/docs/DOC-21899</A></P></BODY></HTML> Wed, 26 Feb 2014 09:43:39 GMT https://community.cisco.com/t5/wireless/wlc-deauthentication-flood-attack/m-p/2475154#M6711 Naveen Kumar 2014-02-26T09:43:39Z https://community.cisco.com/t5/wireless/wlc-deauthentication-flood-attack/m-p/2475155#M6712 <P>The most important thing is to locate the attacker and isolate it.</P><P>The attack can be intentional (by an attacker) or unintentional (by problematic WLAN driver or by neighbor rogue WLAN system).</P><P>&nbsp;</P><P>By finding the attack source you decide what will you do:</P><P>- if problematic driver fix it or otherwise isolate it.</P><P>- if neighbor rogue WLANs contact their admin and ask them to add your WLAN as friendly one.</P><P>- if an attacker you decide what you will do. You may call 911</P><P>&nbsp;</P><P>To help locating the attack sources, Cisco provides Mobility Service Engine (MSE):</P><P><A class="jive-link-external-small" href="http://www.cisco.com/c/en/us/products/wireless/mobility-services-engine/index.html">http://www.cisco.com/c/en/us/products/wireless/mobility-services-engine/index.html</A></P><P>&nbsp;</P><P>Hope this is useful.</P><P>&nbsp;</P><P>Amjad</P><P>&nbsp;</P><P><SPAN style="color: blue;">Rating useful replies is more useful than saying <SPAN style="color: green;"> "<SPAN style="text-decoration: underline;">Thank you</SPAN>"</SPAN></SPAN></P> Sat, 07 Mar 2015 11:47:23 GMT https://community.cisco.com/t5/wireless/wlc-deauthentication-flood-attack/m-p/2475155#M6712 Amjad Abdullah 2015-03-07T11:47:23Z