Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual
Page 890
878
Brocade Mobility RFS Controller CLI Reference Guide
53-1003098-01
10
event dos-cts-flood threshold [cts-frames-ratio <0-65535>|mu-rx-cts-frame
<0-65535>]
multicast-all-systems-on-su
bnet
This event occurs when a sanctioned device detects multicast packets to all systems on the subnet
multicast-dhcp-server-relay
-agent
This event occurs when a sanctioned device detects a DHCP server relay agent in the network
multicast-hsrp-agent
This event occurs when a sanctioned device detects a Hot Standby Router Protocol (HSRP) agent in the
network
multicast-igmp-detection
This event occurs when a sanctioned device detects multicast Internet Group Management Protocol (IGMP)
packets.
multicast-igrp-routers-detec
tion
This event occurs when a sanctioned device detects multicast Interior Gateway Routing Protocol (IGRP)
packets.
multicast-ospf-all-routers-d
etection
This event occurs when a sanctioned device detects multicast Open Shortest Path First (OSPF).packets
multicast-ospf-designated-r
outers-detection
This event occurs when a sanctioned device detects multicast OSPF routers in the network.
multicast-rip2-routers-dete
ction
This event occurs when a sanctioned device detects multicast Routing Information Protocol version 2 (RIP2)
routers in the network.
multicast-vrrp-agent
This event occurs when a sanctioned device detects multicast Virtual Router Redundancy Protocol (VRRP)
agents in the network.
netbios-detection
This event occurs when netbios packets are detected in the network.
Network Basic Input/Output System (netbios) provides services related to the sessions layer of the OSI
model. This allows applications on different devices to communicate over the local area network.
null-probe-response-detect
ed
This event occurs when a sanctioned device detects null probe response packets.
stp-detection
This event occurs when a sanctioned device detects Scanning Tunnelling Protocol (STP) packets in the
network.
unauthorized-bridge
This event occurs when unauthorized bridges are detected in the network.
windows-zero-config-memo
ry-leak
This event occurs when a Windows™ Zero-Config memory leak is detected.
wlan-jack-attack-detected
This event occurs when a WLAN-jack exploit is detected.
WLAN-jack is a tool in the AirJack suite that forces an AP to disassociate a valid client. The attacker sends
deauthentication frames continuously or uses the broadcast address. This prevents the wireless clients
from reassociating with the AP.
trigger-against
[neighboring|
sanctioned|
unsanctioned]
The following keywords are common to all of the above events:
•
trigger-against – Configures the event trigger condition
•
neighboring – The selected event is triggered only against neighboring devices
•
sanctioned – The selected event is triggered only against sanctioned devices
•
unsanctioned – The selected event is triggered only against unsanctioned devices
dos-cts-flood
This event occurs when a large number of clear to send (CTS) frames are detected in the network
threshold
[cts-frames-ratio
<0-65535>|
mu-rx-cts-frame
<0-65535>]
Sets the CTS flood threshold
•
cts-frames-radio <0-65535> – Sets the CTS:Total Frames ratio for triggering this event
•
<0-65535> – Specify the value from 0 - 65535.
•
mu-rx-cts-frame – Sets the CTS frame received by clients
•
<0-65535> – Specify the value from 0 - 65535.