The brute-force-detect quiet-time command sets the quiet time for an AP to report brute force key attacks to an AC.
The undo brute-force-detect quiet-time command restores the default quiet time for an AP to report brute force key attacks to an AC.
By default, the quiet time for an AP to report brute force key attacks to an AC is 600 seconds.
Parameter |
Description |
Value |
|---|---|---|
quiet-time-value |
Specifies the quiet time for an AP to report brute force key attacks to an AC. |
The value is an integer that ranges from 60 to 36000, in seconds. |
Usage Scenario
After attack detection is enabled on an AP, the AP reports alarms upon attack detection. If an attack source launches attacks repeatedly, a large number of repeated alarms are generated. To prevent this situation, configure the quiet time function for attack detection. When detecting attack sources of the same MAC address, the AP does not report alarms in the quiet time. However, if the AP still detects attacks from the attack source after the quiet time expires, the AP reports alarms. You can set the quiet time based on attack types.
To obtain attack information in a timely manner, set the quiet time to a small value. If attack detection is enabled on many APs, and attacks are frequently detected, set the quiet time to a large value to prevent frequent alarm reports.
Follow-up Procedure
Run the undo dynamic-blacklist disable command to enable the dynamic blacklist function.
# Set the quiet time for an AP to report brute force key attacks to an AC to 300 seconds.
<HUAWEI> system-view [HUAWEI] wlan [HUAWEI-wlan-view] ap-group name office [HUAWEI-wlan-ap-group-office] radio 0 [HUAWEI-wlan-group-radio-office/0] wids attack detect wpa-psk enable [HUAWEI-wlan-group-radio-office/0] quit [HUAWEI-wlan-ap-group-office] quit [HUAWEI-wlan-view] wids-profile name huawei [HUAWEI-wlan-wids-prof-huawei] brute-force-detect quiet-time 300