Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1196
Views
0
Helpful
1
Replies

IDS Res mgmt D signature attack

lucky.sibanyoni
Level 1
Level 1

‎08-10-2009 11:59 PM - edited ‎07-03-2021 05:55 PM

Hi, I'd like to know on how can i prevent this from happening? i get a lot of this messages lately: is there a way to resolve this? what does this really mean? is it a major network attack?

IDS 'Res mgmt D' Signature attack detected on AP 'AP1' protocol '802.11b/g' on Controller '10.10.120.5. The Signature description is 'Reserved management sub-type D', with precedence '10'. The attacker's mac address is '00:1a:f7:75:43:35', channel number is '1', and the number of detections is '5'.

Labels:
0 Helpful
1 Reply 1

aghaznavi
Level 5
Level 5

‎08-17-2009 10:20 AM

The Cisco intrusion detection system/intrusion prevention system (CIDS/IPS) instructs controllers to block certain clients from accessing the wireless network when attacks involving these clients are detected at Layer 3 through Layer 7. This system offers significant network protection by helping to detect, classify, and stop threats including worms, spyware/adware, network viruses, and application abuse. Two methods are available to detect IDS attacks:

• IDS sensors

• IDS signatures

You can configure IDS signatures, or bit-pattern matching rules used to identify various types of attacks in incoming 802.11 packets, on the controller. When the signatures are enabled, the access points joined to the controller perform signature analysis on the received 802.11 data or management frames and report any discrepancies to the controller.

http://www.cisco.com/en/US/docs/wireless/controller/4.0/configuration/guide/c40sol.htm

l

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card