Cisco Dot11 Wireless Intrusion Detection System Eapol Flood Client Mac

1.3.6.1.4.1.9.9.456.1.1.7.1.2

This object identifies the MAC address of the wireless client that has made the maximum number of authentication attempts in the duration specified by the cDot11WidsEapolFloodInterval object. At the end of each interval time indicated by cDot11WidsFloodInterval, the 802.11 station checks whether the total count of the number of authentication attempts made by all the clients exceed the threshold configured through the object cDot11WidsEapolFloodThreshold. If yes, then the agent populates this MIB object with the MAC of the wireless client that has made the maximum number of authentication attempts in that interval. When the flood event is observed to be stopped, as indicated by a non-zero value for the cDot11WidsEapolFloodStopTime object, this object indicates the MAC of the wireless client that has made the maximum number of attempts for the entire duration of the flood observed between the times indicated by the objects cDot11WidsEapolFloodStartTime and cDot11WidsEapolFloodStopTime respectively.