No relevant resource is found in the selected language.
Enterprise
Worldwide
Huawei Global - English
Support Documentation
WLAN AC V200R010C00 Command Reference
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
brute-force-detect interval

brute-force-detect interval

Function

The brute-force-detect interval command sets the interval for brute force key cracking detection.

The undo brute-force-detect interval command restores the default interval for brute force key cracking detection.

By default, the interval for brute force key cracking detection is 60 seconds.

Format

brute-force-detect interval interval

undo brute-force-detect interval

Parameters

Parameter

Description

Value

interval interval

Specifies the interval for brute force key cracking detection.

The value is an integer that ranges from 10 to 120, in seconds.

Views

WIDS profile view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

In a brute force key cracking attack, an attacker tries all possible key combinations one by one to obtain the correct password. To improve password security, enable defense against brute force key cracking to prolong the time used to crack passwords.

An AP checks whether the number of key negotiation failures during WPA/WPA2-PSK, WAPI-PSK, or WEP-Share-Key authentication of a user exceeds the threshold configured using the brute-force-detect threshold command. If so, the AP considers that the user is using the brute force method to crack the password and reports an alarm to the AC. If the dynamic blacklist function is enabled, the AP adds the user to the dynamic blacklist and discards all the packets from the user until the dynamic blacklist entry ages out.

Follow-up Procedure

Run the dynamic-blacklist enable command to enable the dynamic blacklist function.

Example

# Set the interval for brute force key cracking detection to 100 seconds.

<AC6605> system-view
[AC6605] wlan
[AC6605-wlan-view] ap-group name office
[AC6605-wlan-ap-group-office] radio 0
[AC6605-wlan-group-radio-office/0] wids attack detect enable wpa-psk
[AC6605-wlan-group-radio-office/0] quit
[AC6605-wlan-ap-group-office] quit
[AC6605-wlan-view] wids-profile name huawei
[AC6605-wlan-wids-prof-huawei] brute-force-detect interval 100
Related Topics
Translation
简体中文
Download
Updated: 2021-02-27

Document ID: EDOC1100064351

Views: 3186336

Downloads: 595

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next
Huawei e+ App Huawei e+

Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :