Using The Cli To View Ids Signature Events - Cisco SD2008T-NA Configuration Manual
4400 series wireless lan controller
Hide thumbs
Also See for SD2008T-NA:
- Configuration manual (46 pages) ,
- Installation manual (160 pages)
Table of Contents
Advertisement
Configuring IDS
Using the CLI to View IDS Signature Events
Use these commands to view signature events using the controller CLI.
1.
2.
3.
4.
5.
Cisco Wireless LAN Controller Configuration Guide
5-38
To see all of the standard and custom signatures installed on the controller, enter this command:
show wps signature summary
To see the number of attacks detected by the enabled signatures, enter this command:
show wps signature events summary
Information similar to the following appears:
Precedence Signature Name
---------- ------------------ -----
1
Bcast deauth
2
NULL probe resp 1
To see more information on the attacks detected by a particular standard or custom signature, enter
this command:
show wps signature events {standard | custom} precedence# summary
Information similar to the following appears:
Precedence....................................... 1
Signature Name................................... Bcast deauth
Type............................................. Standard
Number of active events....................... 2
Source MAC Addr
Track Method
----------------- ------------
00:01:02:03:04:01 Per Signature
00:01:02:03:04:01 Per Mac
To see information on attacks that are tracked by access points on a per-signature and per-channel
basis, enter this command:
show wps signature events {standard | custom} precedence# detailed per-signature source_mac
To see information on attacks that are tracked by access points on an individual-client basis (by
MAC address), enter this command:
show wps signature events {standard | custom} precedence# detailed per-mac source_mac
Information similar to the following appears:
Source MAC....................................... 00:01:02:03:04:01
Precedence....................................... 1
Signature Name................................... Bcast deauth
Type............................................. Standard
Track............................................ Per Mac
Frequency........................................ 6
Reported By
AP 1
MAC Address.............................. 00:0b:85:01:4d:80
Name..................................... Test_AP_1
Radio Type............................... 802.11bg
Channel.................................. 4
Last reported by this AP................. Tue Dec 6 00:17:49 2005
Type
No. Events
-----------
Standard
2
Standard
1
Frequency No. APs Last Heard
--------- -------- ------------------------
4
3
Tue Dec 6 00:17:44 2005
6
2
Tue Dec 6 00:30:04 2005
Chapter 5
Configuring Security Solutions
OL-9141-03
Hide quick links:
Advertisement
Table of Contents
