I am starting to have a sinking feeling in my stomach that we're in for a growing amount of pain.
The culprit: rogue AP suppression gone wild. [Background: The most common form of rogue AP suppression seems to be monitoring for client associations to the rogue AP, then sending a deauth/deassociate to the client, spoofing the AP, and to the AP, spoofing the client.] In at least two cases in the last few weeks, it seems that a generic "wireless problem" is being caused by someone's misguided attempts to use rogue AP suppression in shared spaces. In one case, a shared facility with many wireless networks. In another, my home. (Seems my neighbors may not be as friendly net-wise as they are in person.) Is anyone else seeing similar trends? I am growing increasingly afraid that vendors are making it too easy to switch on rogue suppression, which seems to hit a primordial chord with many. For reference, what I am observing is a client receiving a string of deauthentication packets, nominally from the connected AP but obviously not intentionally. I have no problem with the use of wireless infrastructures to identify rogues, but what do people think about the use of suppression mechanisms? Thoughts? -Kevin ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
