The Security Monitor - Event Log Tab
Configure the event logging options for security monitor.
E-mail Notification
Recipient To. Enter the
•Rogue AP Detected. Indicates a rogue access point has been detected.
•AP SSID Changed. Indicates the Access Point’s SSID has been changed.
•Spoofed MAC Address. Indicates another device is using the AP’s MAC address to send out packets.
•Client is Sending Spurious Traffic. Indicates an unassociated client is sending out frames to the AP.
•Adhoc SSID same as AP. Indicates an Adhoc network uses the same SSID as the AP.
•Adhoc Network Operating. Indicates when a STA is advertising a
•Rogue Client Detected. Indicates when a STA is conducting an illegal transaction with an AP.
•Default SSID in use. Indicates when the default SSID is in use on an AP.
•Association Table Full. Indicates an AP refused a new STA association due to resource unavailability.
•Low Speed Connection. Indicates when a STA is transmitting data at a much slower rate set by AP.
•New Client Detected. Indicates a new STA is associated with an AP.
•New Access Point Detected. Indicates a new AP has been detected joining the network.
•Duration Attack. Indicates a STA packet contains an abnormally large duration value in the 802.11 header.
•AP is Not Using Encryption. Indicates when an AP has wireless security disabled.
•AP Channel Changed. Indicates when an AP changes its wireless channel.
•AP Broadcasting SSID. Indicates when SSID broadcasting is enabled on an AP.
Chapter 6: Configuring the
Figure 6-21: Security Monitor - Event Log
32
The Security Monitor - Event Log Tab