< Home

dynamic-blacklist disable

Function

The dynamic-blacklist disable command disables the dynamic blacklist function.

The undo dynamic-blacklist disable command enables the dynamic blacklist function.

By default, the dynamic blacklist function is enabled.

Format

dynamic-blacklist disable

undo dynamic-blacklist disable

Parameters

None

Views

WIDS profile view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Attack detection is enabled to detect flood attacks, weak IV attacks, spoofing attacks, and brute force key cracking attacks. When detecting attacks initiated by a device, an AP reports an alarm to the AC. In addition, you can run the undo dynamic-blacklist disable command to enable the dynamic blacklist function on the AC for handling flood attacks and brute force key cracking attacks. The AC then automatically adds the attacking device to a dynamic blacklist and discards packets sent from the attacking device till the dynamic blacklist ages out.

An AP can use the dynamic blacklist to filter out the blacklisted wireless devices to avoid malicious attacks.

Follow-up Procedure

Run the dynamic-blacklist aging-time command to set an aging time for the dynamic blacklist.

Example

# Enable the dynamic blacklist function.

<HUAWEI> system-view
[HUAWEI] wlan
[HUAWEI-wlan-view] wids-profile name huawei
[HUAWEI-wlan-wids-prof-huawei] undo dynamic-blacklist disable
Parent Topic: WLAN Security Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >