No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S12700 V200R013C00 Command Reference

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
display wlan ids attack-history

display wlan ids attack-history

Function

The display wlan ids attack-history command displays historical records about the attacking devices detected.

Format

display wlan ids attack-history { all | flood | spoof | wapi-psk | weak-iv | wep-share-key | wpa-psk | wpa2-psk | mac-address mac-address }

Parameters

Parameter

Description

Value

all

Displays historical records about all types of attacking devices.

-

flood

Displays historical records about devices launching flood attacks.

-

spoof

Displays historical records about devices launching spoofing attacks.

-

wapi-psk

Displays historical records about devices that perform brute force cracking in WAPI-PSK authentication mode.

-

weak-iv

Displays historical records about devices launching weak IV attacks.

-

wep-share-key

Displays historical records about devices that perform brute force cracking in WEP-SK authentication mode.

-

wpa-psk

Displays historical records about devices that perform brute force cracking in WPA-PSK authentication mode.

-

wpa2-psk

Displays information about devices that perform brute force cracking in WPA2-PSK authentication mode.

-

mac-address mac-address

Displays historical records about detected devices launching attacks with specified MAC addresses.

The value is in H-H-H format. An H is a hexadecimal number of 4 digits.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

After attack detection is enabled, information the detected attacking devices are saved in the attacking device list. If an attacking device no longer launches an attack, the device is removed from the attacking device list and saved to the historical attacking device list. You can run the display wlan ids attack-history command to check historical records about the attacking devices detected.

Prerequisites

The attack detection functions of all types have been enabled using the wids attack detect enable command.

Example

# Display historical records of all attacking devices.

<HUAWEI> display wlan ids attack-history all
act: Action frame            asr: Association request
aur: Authentication request  daf: Deauthentication frame
dar: Disassociation request  wiv: Weak IV detected
pbr: Probe request           rar: Reassociation request
eaps: EAPOL start frame      eapl: EAPOL logoff frame
saf: Spoofed disassociation frame
sdf: Spoofed deauthentication frame
otsf: Other types of spoofing frames
AP: Name of the monitor AP that has detected the device
AT: Attack type              CH: Channel number
-------------------------------------------------------------------------------
MAC address     AT     CH   RSSI(dBm)  Last detected time    AP
-------------------------------------------------------------------------------
2477-039a-37ec  pbr    165  -86        2014-11-20/15:51:43   ap-13
00bc-71b7-171d  pbr    165  -88        2014-11-20/15:41:43   ap-13
2477-039a-0bf4  pbr    165  -81        2014-11-20/15:41:53   ap-13
-------------------------------------------------------------------------------
Total: 3, printed: 3
Table 11-192  Description of the display wlan ids attack-history all command output
Item Description

MAC address

  • For spoofing attacks, this parameter indicates the basic service set identifier (BSSID) that forges the MAC address of an AP.
  • For other types of attacks, this parameter indicates the MAC address of the device launching attacks.

AT

Acronym of attack type.

CH

Channel in which the last attack is detected.

RSSI(dBm)

Average received signal strength indicator (RSSI) of the attack frames detected.

Last detected time

Last time at which an attack is detected.

AP

Name of the monitor AP.

Translation
Download
Updated: 2019-04-09

Document ID: EDOC1100065659

Views: 126387

Downloads: 88

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next