Dick-move, Steve. ;) -Ty
-Ty On Tue, Mar 8, 2016 at 9:19 AM, That One Guy /sarcasm < thatoneguyst...@gmail.com> wrote: > If it were verifiable that a competitor were the cause of this, whether > maliciously or as a bybroduct of a security mechanism, is there legal > recourse for something like this? > > I used to have rogue AP detection and mitigation turned on at my house on > a router connected to an external omni on my roof.. dick move. I would add > APs to the mitigation list and eventually I would see the sam or similar > ESSID pop up on a different MAC indicating they got a new router. In > retrospect, it really wasnt funny. > > On Tue, Mar 8, 2016 at 9:10 AM, Mike Hammett <af...@ics-il.net> wrote: > >> Anyone with a laptop and a Linux live disc also has that feature. :-) >> >> >> >> ----- >> Mike Hammett >> Intelligent Computing Solutions <http://www.ics-il.com/> >> <https://www.facebook.com/ICSIL> >> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >> <https://www.linkedin.com/company/intelligent-computing-solutions> >> <https://twitter.com/ICSIL> >> Midwest Internet Exchange <http://www.midwest-ix.com/> >> <https://www.facebook.com/mdwestix> >> <https://www.linkedin.com/company/midwest-internet-exchange> >> <https://twitter.com/mdwestix> >> The Brothers WISP <http://www.thebrotherswisp.com/> >> <https://www.facebook.com/thebrotherswisp> >> >> >> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >> ------------------------------ >> *From: *"Rory Conaway" <r...@triadwireless.net> >> *To: *af@afmug.com >> *Sent: *Tuesday, March 8, 2016 9:03:20 AM >> >> *Subject: *Re: [AFMUG] I might be under attack by a competitor >> >> I haven’t seen one on a Ubiquiti AP which is why I asked but when I get >> back in town next week, I’m going to set it up so I can see how it works. >> Our Xirrus radios have that feature. >> >> >> >> Rory >> >> >> >> *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *Mike Hammett >> *Sent:* Tuesday, March 08, 2016 6:02 AM >> *To:* af@afmug.com >> *Subject:* Re: [AFMUG] I might be under attack by a competitor >> >> >> >> When a deauth is happening, the laptop doing the deauth impersonates the >> AP, telling the client to disconnect. What I see below doesn't look like a >> deauth attack. >> >> >> >> ----- >> Mike Hammett >> Intelligent Computing Solutions <http://www.ics-il.com/> >> [image: http://www.ics-il.com/images/fbicon.png] >> <https://www.facebook.com/ICSIL>[image: >> http://www.ics-il.com/images/googleicon.png] >> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb>[image: >> http://www.ics-il.com/images/linkedinicon.png] >> <https://www.linkedin.com/company/intelligent-computing-solutions>[image: >> http://www.ics-il.com/images/twittericon.png] <https://twitter.com/ICSIL> >> Midwest Internet Exchange <http://www.midwest-ix.com/> >> [image: http://www.ics-il.com/images/fbicon.png] >> <https://www.facebook.com/mdwestix>[image: >> http://www.ics-il.com/images/linkedinicon.png] >> <https://www.linkedin.com/company/midwest-internet-exchange>[image: >> http://www.ics-il.com/images/twittericon.png] >> <https://twitter.com/mdwestix> >> The Brothers WISP <http://www.thebrotherswisp.com/> >> [image: http://www.ics-il.com/images/fbicon.png] >> <https://www.facebook.com/thebrotherswisp>[image: >> http://www.ics-il.com/images/youtubeicon.png] >> >> >> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >> ------------------------------ >> >> *From: *"timothy steele" <timothy.pct...@gmail.com> >> *To: *af@afmug.com >> *Sent: *Tuesday, March 8, 2016 6:28:42 AM >> *Subject: *Re: [AFMUG] I might be under attack by a competitor >> >> 04:18:d6:e4:c0:15 Is a ubnt Mac sure you don't own that Mac? In the >> client list you should see it pop up now and then maybe pop up a fake ap >> with same said with passphrase ubnt should connect then you can get into >> the network of who ever is doing it >> >> >> >> On Tue, Mar 8, 2016, 7:14 AM Gino Villarini <ginovi...@gmail.com> wrote: >> >> are you running 802.11n or airmax? >> >> >> >> On Tue, Mar 8, 2016 at 1:44 AM, Rory Conaway <r...@triadwireless.net> >> wrote: >> >> I’m almost done doing that. This should be interesting. >> >> >> >> Rory >> >> >> >> *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *Jaime Solorza >> *Sent:* Monday, March 07, 2016 9:55 PM >> *To:* Animal Farm <af@afmug.com> >> *Subject:* Re: [AFMUG] I might be under attack by a competitor >> >> >> >> Change your ssid and hide it... >> >> On Mar 7, 2016 9:05 PM, "Rory Conaway" <r...@triadwireless.net> wrote: >> >> Received disassoc from 04:18:d6:e4:c0:15. Reason: Disassociated because >> sending STA is leaving (or has left) BSS (8). >> >> Feb 13 07:17:43 wireless: ath0 STA-TRAFFIC-STAT mac=04:18:d6:e4:c0:15 >> rx_packets=633675 rx_bytes=116857546 tx_packets=2225222 tx_bytes=3041234063 >> >> Feb 13 07:17:43 wireless: ath0 Expired node:04:18:D6:E4:C0:15 >> >> Feb 13 07:17:43 hostapd: ath0: STA 04:18:d6:e4:c0:15 IEEE 802.11: >> disassociated >> >> Feb 13 07:17:43 wireless: ath0 Sending deauth to 04:18:d6:e4:c0:15. >> Reason: Class 2 frame received from nonauthenticated STA ( >> >> >> >> *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *Rory Conaway >> *Sent:* Monday, March 07, 2016 9:03 PM >> *To:* af@afmug.com >> *Subject:* [AFMUG] I might be under attack by a competitor >> >> >> >> I have a couple of customers off the same Ubiquiti Rocket 5 AP that have >> been having an issue the last couple days with going offline for a short >> time and then reconnecting and coming back online. I pull the logs on the >> AP and see a bunch of handshaking and several of these. I’m pretty sure >> this is what happens when an enterprise radio does Rogue Access Point >> Suppression. Am I reading this right or is there something I’m not aware >> of like a bad CPE that can cause this? >> >> >> >> Rory >> >> >> >> >> >> >> >> >> >> > > > -- > If you only see yourself as part of the team but you don't see your team > as part of yourself you have already failed as part of the team. >
