Справочник Пользователя для SonicWALL 5.8.1
SonicPoint > RF Management
586
SonicOS 5.8.1 Administrator Guide
Tip
Did you know? It is possible to find approximate locations of RF Threat devices by using
logged threat statistics. For more practical tips and information on using the RF
Management threat statistics, see the
logged threat statistics. For more practical tips and information on using the RF
Management threat statistics, see the
Adding a Threat Station to the Watch List
The RF Management Discovered Threat Stations “Watch List” feature allows you to create a
watch list of threats to your wireless network. The watch list is used to filter results in the
Discovered RF Threat Stations list.
watch list of threats to your wireless network. The watch list is used to filter results in the
Discovered RF Threat Stations list.
To add a station to the watch list:
Step 1
In the SonicPoint > RF Management page, navigate to the Discovered RF threat stations
section.
section.
Step 2
Click the
icon that corresponds to the threat station you wish to add to the watch list.
Step 3
A confirmation screen will appear. Click OK to add the station to the watch list.
Step 4
If you have accidentally added a station to the watch list, or would otherwise like a station
removed from the list, click the
removed from the list, click the
icon that corresponds to the threat station you wish to
remove.
Tip
Once you have added one or more stations to the watch list, you can filter results to see only
these stations in the real-time log by choosing Only Stations in Watch List Group from the
View Type drop-down list.
these stations in the real-time log by choosing Only Stations in Watch List Group from the
View Type drop-down list.
Types of RF Threat Detection
The following is a partial list containing descriptions for the most prominent types of RF
signatures detected by SonicWALL RF Management:
signatures detected by SonicWALL RF Management:
•
Long Duration Attacks - Wireless devices share airwaves by dividing the RF spectrum
into 14 staggered channels. Each device reserves a channel for a specified (short) duration
and during the time that any one device has a channel reserved, other devices know not to
broadcast on this channel. Long Duration attacks exploit this process by reserving many
RF channels for very long durations, effectively stopping legitimate wireless traffic from
finding an open broadcast channel.
into 14 staggered channels. Each device reserves a channel for a specified (short) duration
and during the time that any one device has a channel reserved, other devices know not to
broadcast on this channel. Long Duration attacks exploit this process by reserving many
RF channels for very long durations, effectively stopping legitimate wireless traffic from
finding an open broadcast channel.
•
Management Frame Flood - This variation on the DoS attack attempts to flood wireless
access points with management frames (such as association or authentication requests)
filling the management table with bogus requests.
access points with management frames (such as association or authentication requests)
filling the management table with bogus requests.