08-26-2014 09:23 PM - edited 07-05-2021 01:26 AM
How can I test the wips functionallity on a wireless infrastructure using a wlc 5508,3700 APs with WiPS module, NCS PRIME 2.0 and MSE with WiPS?
At this time the APs are as local mode and wips sub mode on WLC 5508, and the WiPS licenses on NCS are installed.
What could be the best scenario(software, antennas, cards) to test the wireless security with this infrastructure?
REGARDS.
Solved! Go to Solution.
09-09-2014 09:07 AM
Hi,
please go through below link which probably will remove you glitch.
http://www.cisco.com/c/en/us/td/docs/wireless/technology/wips/deployment/guide/WiPS_deployment_guide.html
09-16-2014 12:34 AM
You may use Kali Linux to do some wireless attacks on your network and see how they're being detected by your WIPs.
you may google for kali linux wireless attacks. here is one example link:
https://www.packtpub.com/books/content/kali-linux-%E2%80%93-wireless-attacks
Regards,
Amjad
09-09-2014 09:07 AM
Hi,
please go through below link which probably will remove you glitch.
http://www.cisco.com/c/en/us/td/docs/wireless/technology/wips/deployment/guide/WiPS_deployment_guide.html
09-16-2014 12:34 AM
You may use Kali Linux to do some wireless attacks on your network and see how they're being detected by your WIPs.
you may google for kali linux wireless attacks. here is one example link:
https://www.packtpub.com/books/content/kali-linux-%E2%80%93-wireless-attacks
Regards,
Amjad
09-17-2014 06:31 PM
09-19-2014 03:04 PM
09-21-2014 07:04 AM
What you have to do is to either impersonate the AP (send deauth messages to the client on behalf of your AP with your AP BSSID as the source MAC) or use floods DoS (authentication floods for example, a client that tries to maliciously send high number of auth requests to the AP and stops at that stage of state machine which will fill the Association table of the AP and prevents other clients form being able to connect).
Here is Cisco WIPS Policy Alarm Encyclopedia:
http://goo.gl/LXBLW5
My question here would be: Do you have a Mobility Service Engine (MSE) in your infrastructure? That's necessary to be available with WIPS service running and that must be integrated with WLCs and NCS/Prime.
Regards,
Amjad
09-21-2014 08:29 AM
09-22-2014 12:46 AM
You don't have to run MFP. But you need to make sure that wIPS service is running correctly on on the MSE and MSE, NCS and WLC area all synched.
Have you followed the deployment guide and created wIPS profiles on NCS?
http://goo.gl/MgUxSU
Regards,
Amjad
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide