rightnow we are having around 80 customer on 2 of our POPs,
What i concern is, someone using SM than tick all the freq on config page, than scan the freq. The “unauthorized” SM sure will see my AP’s, and surely they will try to registered.
What should i do? to prevent “un-authorized” SM to scan all of my AP? and try to registered or do something bad to our network? :?
regards
well use authinication to start with and if you can ever catch them logged on get there mac address if you can and use some method to block that mac address and i am sure there are a ton of others.
ken
Info-Ed
You can block the ap aval by checking this box in your ap
SM Scan Privacy Disable SM Display of AP Eval Data
This will keep sm’s from seeing you, set your color code’s don’t allow your customers access in their sm’s.
The intruder would need to know your freq, ip string, gateway,dns and color code to get in.
If you check your sessions you will see if someone is registered that you don’t allow. once registered it will keep the sm mac # even if he log’s off.
Keep an eye out for him registered look in sessions for the distance he is from your tower and you will find him.
"Keep an eye out for him registered look in sessions for the distance he is from your tower and you will find him…"
Sounds like movie… 8)
is the “airlink security enable/disable” make difference? since all motorola gears undetectable?
The problem is, if you enable the “Disable SM Display of AP Eval Data” it will block the seeing of your AP in that mode, but if you put your SM in alignment mode, it will find tell you the color code of any Ap out there.
That’s how I found all of my competition.
Yep, but have you ever had anyone hack your system and surf the web?
any comment from motorolla support?
more and more wisp using motorolla gears rightnow, every corner i look around there is at least one reflector dish…
Need some inputs regarding this too, please if there is anybody out there who has some ideas.
mnet,
moose is right, most people tend to get frustratred after a while and don’t do this step.
Also just to rectrify something that clueless mentioned, they do not need to know you IP address blocks in order to get onto your network. There are network tools called packet sniffers, ex: ethereal and wireshark, which will show you all of the traffic that hits your ethernet port, even if you don’t have a proper IP address entered into your system. Port scanners can also help in determining what something is but a good stream of data can tell someone alot about your network.
I would suggest thinking about implementing something like BAM for SM authentication, or a PowerNoc or Netenforcer for traffic shaping which you can do by clients MAC address of there router or PC.
I don’t believe that I have been “hacked”. I have gotten into my competitions site and did a little surfing. Thought that was to easy, so we are implemnting Prizm. Just about to turn all control of the system to a computer… 
I know it sucks but it’s the only way to stop an unauthorized SM from sending data on your network. :?
Too bad they couldn’t have stuck a MAC access control like how most routers have, only the MAC’s of SM’s that would be stuck in the access control table of the AP would be able to register. That would have made more sense. Then if we want the bandwidth applications that Prizm and BAM can offer than sell us the server and the license. Sounds like a pain to have it not centrally located, but it would save, network traffic, server resources and some $$$. 8).
Just a quick reminder - make sure your installers know all the secret-stuff 
so that when they go out to do an install, they don’t call you and say they can’t see the AP…funny stories come out of the Canopy Technical Classes about this…“oops - forgot to tell the installer-on-vacation” kind-of-stuff…
Small/silly thing, but funny to hear about in class…
Good news - kids buying SMs off eBay can’t -easily- see/get-into your network
Bad News - your staff needs to see/get-into your network
Prizm/BAM is the first-class way to do this (as moose points out above)…you can get a free-trial to see how you like it…not for the “I buy my Office/Operations applications in-a-box” kind of person, though…
Too bad they couldn't have stuck a MAC access control like how most routers have, only the MAC's of SM's that would be stuck in the access control table of the AP would be able to register.
I was thinking about that the other day...that would make 10x more sense to me logically, but not financially (for them atleast).