No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S12700 V200R013C00 Command Reference

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
wids attack detect enable

wids attack detect enable

Function

(AP group radio view) The wids attack detect enable command enables attack detection on all specified radios in an AP group.

(AP group radio view) The undo wids attack detect enable command disables attack detection on all specified radios in an AP group.

(AP radio view) The wids attack detect enable command enables attack detection on an AP radio.

(AP radio view) The undo wids attack detect enable command cancels the configuration of the attack detection function on an AP radio. The status of this function on the AP radio is then determined by the status of this function in the AP group radio view.

By default, attack detection is disabled on AP radios.

Format

wids attack detect enable { all | flood | weak-iv | spoof | wpa-psk | wpa2-psk | wapi-psk | wep-share-key }

undo wids attack detect enable { all | flood | weak-iv | spoof | wpa-psk | wpa2-psk | wapi-psk | wep-share-key }

Parameters

Parameter

Description

Value

all

Enables all attack detection functions.

-

flood

Enables flood attack detection.

-

weak-iv

Enables weak IV attack detection.

-

spoof

Enables spoofing attack detection.

-

wpa-psk

Enables brute force attack detection for WPA-PSK authentication.

-

wpa2-psk

Enables brute force attack detection for WPA2-PSK authentication.

-

wapi-psk

Enables brute force attack detection for WAPI-PSK authentication.

-

wep-share-key

Enables brute force attack detection for shared key authentication.

-

Views

AP group radio view, AP radio view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To monitor and prevent malicious or unintentional attacks on WLANs in real time, network administrators can enable the following attack detection functions based on actual requirements:
  • flood: indicates flood attack detection used to detect whether an AP receives a large number of packets of the same type in a short period.
  • weak-iv: indicates weak IV attack detection used to detect whether weak IV is used for WEP encryption on a WLAN.
  • spoof: indicates spoofing attack detection used to detect whether a potential attacker pretends to be an AP to broadcast Deauthentication and Disassociation packets.
  • wpa-psk, wpa2-psk, wapi-psk, wep-share-key: indicates brute force attack detection. If the WPA-PSK, WPA2-PSK, WAPI-PSK, or WEP-SK security policy is configured on a WLAN, brute force attack detection can be enabled to increase the time required for password cracking and improve password security.

Precautions

  • The configuration in the AP radio view has a higher priority than that in the AP group radio view.

  • If no attack detection function is enabled in the AP radio view, the configuration in the AP group radio view is inherited. If any attack detection function is enabled in the AP radio view, the configuration in the AP group radio view does not take effect and the configuration in the AP radio view is inherited. For example, when all attack detection functions are enabled in the AP group radio view:
    • If no attack detection function is enabled in the AP radio view, the configuration in the AP group radio view takes effect. That is, all attack detection functions are enabled on the AP radio.
    • If spoofing attack detection is enabled in the AP radio view, the configuration in the AP radio view takes effect. That is, only spoofing attack detection is enabled on the AP radio.

Follow-up Procedure

Run the dynamic-blacklist enable command to enable the dynamic blacklist function.

Example

# Enable brute force attack detection for WPA-PSK authentication on radio 0 in AP group office.
<HUAWEI> system-view
[HUAWEI] wlan
[HUAWEI-wlan-view] ap-group name office
[HUAWEI-wlan-ap-group-office] radio 0
[HUAWEI-wlan-group-radio-office/0] wids attack detect enable wpa-psk
Translation
Download
Updated: 2019-04-09

Document ID: EDOC1100065659

Views: 126995

Downloads: 88

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next