WLAN_1.3.6.1.4.1.2011.6.139.15.1.1.16 hwWlanWidsAttackDetectedTrap

Description

WLAN/4/AP_DETECT_ATTACK:OID [oid] The AP detected an attacking device. (Attack device=[OPAQUE], Attack type=[STRING], Attack sub type=[STRING], Monitor AP ID=[INTEGER], Monitor AP name=[STRING], Monitor AP MAC=[OPAQUE], Frequency=[STRING], Channel=[INTEGER], SSID=[STRING])

An AP detects an attack device.

Attribute

Alarm ID	Alarm Severity	Alarm Type
1.3.6.1.4.1.2011.6.139.15.1.1.16	Warning	qualityOfServiceAlarm(3)

Parameters

Name	Meaning
oid	Indicates the ID of a MIB object.
Attack device	Indicates the MAC address of an attack device.
Attack type	Indicates an attack type.
Attack sub type	Indicates an attack subtype.
Monitor AP ID	Indicates the ID of the AP that has detected an attack device.
Monitor AP name	Indicates the name of the AP that has detected an attack device.
Monitor AP MAC	Indicates the MAC address of the AP that has detected an attack device.
Frequency	Indicates the frequency band of the AP that has detected an attack device.
Channel	Indicates the channel of the AP that has detected an attack device.
SSID	Indicates the SSID of the AP that has detected an attack device. SSID information is reported only for brute force cracking attacks.

Impact on the System

Attack devices exist on the air interface, which affects air interface security. As a result, STAs may fail to access the network, and the AP association password may be cracked.

Possible Causes

The AP detects an attack on the air interface.

Procedure

Run the display wlan ids attack-detected all command to check the list of attack devices.
Run the display wlan ids attack-detected mac-address command to check the AP that detects the attack devices.
Locate the attack devices around the AP and exclude the attack devices.
Check whether the alarm persists.
- If so, go to Step 5.
- If not, go to Step 6.
Collect alarm, log, and configuration information, and contact technical support personnel.
End.

Related Information

None.