Re: [76attendees] Wireless 'Deauth flood' attack detected in the ORCHID West.
sfaibish@comcast.net Tue, 10 November 2009 01:50 UTC
Return-Path: <sfaibish@comcast.net>
X-Original-To: 76attendees@core3.amsl.com
Delivered-To: 76attendees@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 30D103A67D3 for <76attendees@core3.amsl.com>; Mon, 9 Nov 2009 17:50:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7goqD-8D5qgd for <76attendees@core3.amsl.com>; Mon, 9 Nov 2009 17:50:18 -0800 (PST)
Received: from QMTA06.westchester.pa.mail.comcast.net (qmta06.westchester.pa.mail.comcast.net [76.96.62.56]) by core3.amsl.com (Postfix) with ESMTP id 900503A68E0 for <76attendees@ietf.org>; Mon, 9 Nov 2009 17:50:07 -0800 (PST)
Received: from OMTA04.westchester.pa.mail.comcast.net ([76.96.62.35]) by QMTA06.westchester.pa.mail.comcast.net with comcast id 3C9y1d01b0ldTLk56Dqa18; Tue, 10 Nov 2009 01:50:34 +0000
Received: from sz0036.wc.mail.comcast.net ([76.96.58.86]) by OMTA04.westchester.pa.mail.comcast.net with comcast id 3DqZ1d0091rdXlG3QDqZXU; Tue, 10 Nov 2009 01:50:34 +0000
Date: Tue, 10 Nov 2009 01:50:33 +0000
From: sfaibish@comcast.net
To: Masafumi OE <masa@fumi.org>
Message-ID: <1280575467.1864661257817833347.JavaMail.root@sz0036a.westchester.pa.mail.comcast.net>
In-Reply-To: <20091110011853.GC5380@anago.fumi.org>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_Part_92554_1799250182.1257817833346"
X-Originating-IP: [133.93.19.114]
X-Mailer: Zimbra 5.0.18_GA_3076.RHEL5_64 (ZimbraWebClient - [unknown] (Win)/5.0.18_GA_3076.RHEL5_64)
Cc: 76attendees@ietf.org, ietf-noc@wide.ad.jp
Subject: Re: [76attendees] Wireless 'Deauth flood' attack detected in the ORCHID West.
X-BeenThere: 76attendees@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <76attendees.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/76attendees>, <mailto:76attendees-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/76attendees>
List-Post: <mailto:76attendees@ietf.org>
List-Help: <mailto:76attendees-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/76attendees>, <mailto:76attendees-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Nov 2009 01:50:20 -0000
It isn't me. I checked. Sorin ----- Original Message ----- From: "Masafumi OE" <masa@fumi.org> To: 76attendees@ietf.org Cc: ietf-noc@wide.ad.jp Sent: Monday, November 9, 2009 8:18:53 PM GMT -05:00 US/Canada Eastern Subject: [76attendees] Wireless 'Deauth flood' attack detected in the ORCHID West. All, We are detecting 'Deauth flood' from a client is having following MAC address in the ORCHID West. "00:0f:e2:02:1d:3d" / h54295 @ 09/11/10 10:07:39 This attack is consuming our valuable 2.4GHz radio resource. NOC team would like to investigate this client. please, people who owns this client contact to the Helpdesk in the terminal room or NOC in the UME(4th Floor). Thank you for your assistance. -- Masafumi OE/ NAOJ / WIDE On Mon, Nov 09, 2009 at 08:02:33PM +0900, Masafumi OE wrote: > Dear IETF-folks, > > If you have any issue on the IETF76 WiFi, please > contact to NOC staff. > > Your comment and suggestion are welcome. > > > 2009/11/09 > #1 > If people continue roaming in the venue, packet loss > late on the client is growing up. Client is required > rebooting to solve. XP on Thinkpad T500 with Intel > WiFi link 5300 is associating with 5GHz band (802.11an). > > #2 > Rouge RA clients > see 76attendees@ietf.org ML > > #3 > Someone plug off the power of WiFi AP in the 1F lobby. > DON'T PLUG OFF ANY CABLE IN THE VENUE. > Thank you for your cooperation. > > -- > Masafumi OE, Astronomy Data Center, NAOJ. > _______________________________________________ > 76attendees mailing list > 76attendees@ietf.org > https://www.ietf.org/mailman/listinfo/76attendees -- Masafumi OE, Astronomy Data Center, NAOJ. _______________________________________________ 76attendees mailing list 76attendees@ietf.org https://www.ietf.org/mailman/listinfo/76attendees