Perhaps we are near the point that registering SSIDs similar to a call sign is required, which then warrants the use of security options. If you have an SSID named HARVARD and someone is using that same SSID within your 'territory' then it is obviously them being malicious. How that could be against regulation is beyond me. Likely, if you have policies in place that prohibit non-administered WLANs on your wired network then you should be able to use security measures to stop them as well.
Both of these scenarios increase security risks for users and protecting them should be paramount in my opinion. They are also much different than the Marriott situation.

-----Original Message-----
From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Jason Healy
Sent: Tuesday, April 10, 2018 3:58 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Rogue Containment (Was Re: Handling Wifi Deauth Attacks)

On Apr 3, 2018, at 10:42 AM, Kenny, Eric <eric_ke...@harvard.edu> wrote:
>
> §333. Willful or malicious interference
>
> No person shall willfully or maliciously interfere with or cause interference to any radio communications of any station licensed or authorized by or under this chapter or operated by the United States Government.
>
> (June 19, 1934, ch. 652, title III, §333, as added Pub. L. 101–396, §9, Sept. 28, 1990, 104 Stat. 850.)

This quote reminded me of an issue we've discussed on this list previously: containing or deauthenticating rogue devices. I've changed the thread subject because this is a case where the WLAN operator is "interfering with" others (rather than being the victim).

I've spoken informally with several people about this, and most feel that deauth for security reasons is OK. However, the letter of the law does not appear to have any sort of exemption. With the FCC consent decree against Marriott, I'm uncertain when (or if) it is OK to fight back against security threats.

I reached out to the FCC to ask if they could clarify their stance and let me know if there were any circumstances where deauths were appropriate and not illegal. The FCC's response (and my initial questions) are below. Unfortunately, they had no firm guidance on this issue and suggested I contact other groups. Before I do that, does anyone on this list have any more conclusive guidance that they've already found?

Thanks,
Jason

=============== FCC Response ===============

Hi Jason,

The majority of FCC decisions concerning “jamming” involve signal jammers that emit random RF noise, rather than Wi-Fi equipment that transmits deauthentication frames, so jammerinfo may not be the best source. The only official FCC guidance comes in the form of rules, orders, or other Commission pronouncements, and I’m not aware of any that speak directly to your questions.

Unlike signal jammers, which never receive an FCC equipment authorization, Wi-Fi equipment is designed to enable, not interfere with, communications. The deauthentication feature is inherent to Wi-Fi operation and does not prevent FCC certification. However, even an authorized device, whether transmitting on licensed or unlicensed spectrum, can be operated in a manner that violates FCC rules. Thus, some enterprise equipment manufacturers have warned network administrators that improper use of deauthentication could land them in hot water.

One takeaway from the Marriott case was that a business may not block hotspots indiscriminately or for commercial gain. Unfortunately, that case does not speak to whether private schools may do so under the circumstances you’ve presented below.

With respect to security matters, shortly after Marriott was fined, the American Hotel & Lodging Assoc. filed an FCC petition asking for clarification on the network management measures that a hotel network administrator may lawfully take to secure the network from spoofers, honeypot attacks, etc. Though some parties assert that the group sought a rule that would allow extensive blocking, the petitioners asserted that it would be unreasonable to block hotspots that were not posing a security threat.
(The petition and comments from interested parties in proceeding RM-11737 can be accessed on the Commission’s website, https://www.fcc.gov/ecfs/ .) Under that interpretation, blocking all hotspots would only be permitted if each hotspot was individually deemed to pose a threat to network security. In any event, this petition was later withdrawn, so no declaratory ruling was issued and no limits were set in that proceeding.

With respect to adjacent or cochannel interference, Wi-Fi operates on shared unlicensed frequencies, with no user having a greater right to use those frequencies. Section 15.5(b) of the rules (47 CFR § 15.5(b): https://www.gpo.gov/fdsys/pkg/CFR-2010-title47-vol1/xml/CFR-2010-title47-vol1-sec15-5.xml ) essentially provides that authorized equipment operating in unlicensed bands must accept interference from other authorized equipment. This rule appears to presume that normal co-channel interference is to be expected and accepted from nearby Wi-Fi networks.

I would suggest contacting our substantive policy-making offices, such as the Wireless Telecommunications Bureau; they may be able to point you toward any specific guidance. And since this is an issue that school administrators across the nation must be tackling, I would also suggest contacting the relevant education policy groups. They may have already developed some suggested best practices that are tailored to the needs and objectives of the education community.

Regards,
Kevin

Kevin M. Pittman
Spectrum Enforcement Division
Enforcement Bureau
Federal Communications Commission

=============== Original Request ===============

Hello,

I am responsible for the operation of a Wi-Fi network at a private high school. I've recently learned of this notice:

https://www.fcc.gov/document/warning-wi-fi-blocking-prohibited

I was previously aware of the enforcement against Marriott, but was under the assumption that it related specifically to blocking hotspots in an attempt to coerce people to use a paid service while on the hotel's premises. However, after reading the above notice, and other similar notices on the FCC site regarding interference, I have some questions. I want to make sure that we are operating within the guidelines from the FCC while also providing robust services for our users.

In short, are there ANY circumstances where a Wi-Fi system is allowed to deauthenticate ("interfere with") other stations? The notices on your web site make it seem that the answer is "no", however:

1) Many of the notices pertain specifically to licensed frequency use (cell phone and GPS jamming), not unlicensed spectrum. Additionally, I understand the concern regarding emergency communications (911), but I'm not sure if Wi-Fi meets that same level of importance and expected availability.

2) The notice above specifically mentions Marriott blocking Wi-Fi without a valid security concern. We have a written policy forbidding students from accessing the internet during certain periods of the day, and shut off their access during these times. Students setting up their own hotspots are attempting to evade this policy and thus are committing a "security" violation.

3) Additionally, some students impersonate our public SSIDs in an attempt to spoof clients or avoid detection. This is an even clearer security issue, and also involves the students willfully interfering with us.

4) The notice above mentions "commercial establishments". We are a private institution and provide our Wi-Fi free of charge. Any hotspot is therefore redundant and only degrades overall performance through co-channel interference.

The FCC regulations prohibit the sale of equipment designed to cause willful interference. My understanding is that most enterprise WLAN systems afford the capability to contain, mitigate, or otherwise "interfere" with rogue stations. As those features continue to exist (the systems are still sold and the feature is advertised), am I right to assume that there are some conditions where their use is appropriate and allowed by the FCC?

Does the FCC have any written guidance regarding the use of these mitigation features of WLAN systems? If not, can you provide any clarification via email?

With your permission, I would also like to share any answers with WLAN operators at other educational institutions, as I believe there are some misconceptions in the community regarding the FCC regulations specifically as they apply to Wi-Fi networks.

Thank you for your time,
Jason

**********
Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/discuss.