On 10/4/2014 12:23, Jay Ashworth wrote:
----- Original Message -----
From: "Majdi S. Abbas" <msa@latt.net>
I've seen this in a few places, but if anyone encounters similar behavior, I suggest the following:
- Document the incident. - Identify the make and model of the access point, or controller, and be sure to pass along this information to the FCC's OET: http://transition.fcc.gov/oet/
Vendors really need to start losing their US device certification for devices that include advertised features that violate US law. It would put a stop to this sort of thing pretty quickly.
Majdi makes an excellent point, but I want to clarify it, so no one misses the important subtext:
It is OK for an enterprise wifi system to make this sort of attack *on rogue APs which are trying to pretend to be part of it (same ESSID).
It is NOT OK for an enterprise wifi system to make this sort of attack on APs which *are not trying to pretend to be part of it* (we'll call this The Marriott Attack from now on, right?)
Rogue AP prevention is a *useful* feature in enterprise wifi systems... but *that isn't what Marriott was doing*.
I can agree that prevention of foreign attachments to a net work is morally OK. -- The unique Characteristics of System Administrators: The fact that they are infallible; and, The fact that they learn from their mistakes. Quis custodiet ipsos custodes