version 1.5, 2005/09/29 23:24:56 |
version 1.6, 2005/09/30 16:50:03 |
|
|
with frame type management subtype deauth reason auth expire \ |
with frame type management subtype deauth reason auth expire \ |
from &bssid to ff:ff:ff:ff:ff:ff bssid &bssid |
from &bssid to ff:ff:ff:ff:ff:ff bssid &bssid |
|
|
# The first deauth example will not work with some newer stuff, like |
# The first de-auth example will not work with some newer stuff, like |
# iwi(4)/ipw(4) "centrino", because they ignore management frames to |
# iwi(4)/ipw(4) "centrino", because they ignore management frames to |
# the broadcast address as a countermeasure against the "void11" |
# the broadcast address as a countermeasure against the "void11" |
# attack. |
# attack. |
|
|
# hostap handle type data bssid !<myess> \ |
# hostap handle type data bssid !<myess> \ |
# with frame type management subtype deauth reason auth expire \ |
# with frame type management subtype deauth reason auth expire \ |
# from &bssid to &from bssid &bssid |
# from &bssid to &from bssid &bssid |
|
|
|
# Detect flooding of management frames except beacons. |
|
# This will detect some possible Denial of Service attacks |
|
# against the IEEE 802.11 protocol (like "void11"). |
|
hostap handle skip type management subtype ! beacon \ |
|
with log \ |
|
rate 100 / 10 sec |
|
|
# Finally log any rogue accesspoints limited to every second. |
# Finally log any rogue accesspoints limited to every second. |
# The skip keywords instructs hostapd to ignore further IAPP |
# The skip keywords instructs hostapd to ignore further IAPP |