D-Link DWS-1008 User Manual
8
Configuring an Attack List
The attack list specifies the MAC addresses of devices that MSS should issue countermeasures against
whenever the devices are detected on the network. The attack list can contain the MAC addresses of
APs and clients. By default, the attack list is empty. The attack list applies only to the switch on which
the list is configured. DWS-1008 switches do not share attack lists.
When on-demand countermeasures are enabled, only those devices configured in the attack list are
subject to countermeasures. In this case, devices found to be rogues by other means, such as policy
violations or by determining that the device is providing connectivity to the wired network, are not
attacked.
To add an entry to the attack list, use the following command:
set rfdetect attack-list
mac-addr
The following command adds MAC address aa:bb:cc:44:55:66 to the attack list:
DWS-1008#
set rfdetect attack-list 11:22:33:44:55:66
success: MAC 11:22:33:44:55:66 is now in attacklist.
To display the attack list, use the following command:
show rfdetect attack-list
The following example shows the attack list on a switch:
DWS-1008#
show rfdetect attack-list
Total number of entries: 1
Attacklist MAC
Port/Radio/Chan
RSSI SSID
-----------------------------------------------------------------------------------
11:22:33:44:55:66
dap 2/1/11
-53 rogue-ssid
To remove a MAC address from the attack list, use the following command:
clear rfdetect attack-list
mac-addr
The following command clears MAC address 11:22:33:44:55:66 from the attack list:
DWS-1008#
clear rfdetect attack-list 11:22:33:44:55:66
success: 11:22:33:44:55:66 is no longer in attacklist.
Summary of Contents for DWS-1008
Page 1: ......