No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
brute-force-detect quiet-time

brute-force-detect quiet-time

Function

The brute-force-detect quiet-time command sets the quiet time for an AP to record brute force key attacks.

The undo brute-force-detect quiet-time command restores the default quiet time for an AP to record brute force key attacks.

By default, the quiet time for an AP to record brute force key attacks is 600 seconds.

Format

brute-force-detect quiet-time quiet-time-value

undo brute-force-detect quiet-time

Parameters

Parameter

Description

Value

quiet-time-value

Specifies the quiet time for an AP to record brute force key attacks.

The value is an integer that ranges from 60 to 36000, in seconds.

Views

WIDS view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After attack detection is enabled on an AP, the AP reports alarms upon attack detection. If an attack source launches attacks repeatedly, a large number of repeated alarms are generated. To prevent this situation, configure the quiet time function for attack detection. When detecting attack sources of the same MAC address, the AP does not report alarms in the quiet time. However, if the AP still detects attacks from the attack source after the quiet time expires, the AP reports alarms. You can set the quiet time based on attack types.

To obtain attack information in time, set the quiet time to a small value. If attacks are frequently detected, set the quiet time to a large value to avoid frequent alarm reports.

Follow-up Procedure

Run the dynamic-blacklist enable command to enable the dynamic blacklist function.

Example

# Set the quiet time for an AP to record brute force key attacks to 300 seconds.

<Huawei> system-view
[Huawei] interface wlan-radio 0/0/1
[Huawei-wlan-Radio0/0/1] wids attack detect enable wpa-psk
[Huawei-wlan-Radio0/0/1] quit
[Huawei] wlan
[Huawei-wlan-view] wids
[Huawei-wlan-wids] brute-force-detect quiet-time 300
Translation
Download
Updated: 2019-11-21

Document ID: EDOC1100064352

Views: 200909

Downloads: 122

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next