[My wifi is being attacked]

Ok so, what can you tell me about this "azalo" SSID huge ammounts of beacons and 100 RXQ, could that be a problem?

[My wifi is being attacked]

Every 5 minutes or so...

[My wifi is being attacked]

Anyone? pls... :(

[My wifi is being attacked]

Ok so I scanned the network for about 2 or 3 hours and this is what I got:

Today i'm having network issues aggain, the packet loss appeared...

What else can I test?

[My wifi is being attacked]

Can you run your wireless card in monitor mode and use Wireshark with the following display filter "wlan.fc.type_subtype eq 12"? Let that run a while and see how much it fills up. That should filter and show only deauthentication packets on the wifi side. If you see them being flooded constantly, then I'd say you may be getting attacked, but if they are random and far apart in times, then probably not getting deauthed/attacked from the wifi side and may be some other issue in that part of the building with interference to the wifi reception.

Could also try moving the AP to another part of the room and if possible, changing its range/power/antenna output to a smaller area. I know on my home router I can change the Tx power in mw's which will change its effective reach, so if its someone outside the building doing it, you may be able to reduce their reach depending on their radio/antenna's reach itself. Not guaranteed to help but just a thought.

Thanks for all the fast responses!

I'm currently scanning with wireshark... in an hour or so ill show my results.

[My wifi is being attacked]

Is the BSSID that the DoS refers to one of yours?

@dimacofi is just a probe request, a device in the area asking if an AP with the ESSID of that name is out there. An AP with that name has been seen twice by Wigle, both times near Andres Bello or Vitacura. Is that anywhere near your office?

The BSSID of the DoS doesnt refer to mine...

@Dimacofi is mine and yeah, that is near my office. Thanks for the clearing on the probe, I dont understand much about what Kismet is saying.

[My wifi is being attacked]

Guys check this:

I've just changed the channel from 11 to 6 then this appears, a warning of a possible DoS and then a @dimacofi SSID with a mac I don't recognize as any of my APs appears...

Also note that the moment i changed channel i started to test pings and web pages and streamings and all works ok... i'll just have to wait a while till it starts to be bad again.

[My wifi is being attacked]

Well, the one that is causing troubles now is in channel 11 an the rest are all in channel 3...

The on that is causing the problem the ap that is on channel 11.

[My wifi is being attacked]

Hi guys, I hope you can help me a bit with my problem. First of all sorry for my bad english, i'm Chilean, so i'll try my best to write as it should be.

Well the problem i'm having is the following, I have a corporate Wifi running in my office with 5 Unifi UAP Access Points in different locations, all with the same SSID and channel. This is all commanded by a Mikrotik router that has a hotspot running and its delivering DHCP to the clients and the APs. The thing is that just in a specific area of the office (where I work) wifi just can't be used, it has packet loss of about 50% or more and just can't be used...

I've started making some changes, like changing channels, flashing the ap firmware, etc... Currently the AP has Openwrt and everything I do seems to remove the problem for some hours and then it happens again.

Yesterday I disconected the AP an configured another SSID and used on my laptop an cellphone all day and it worked ok! so that lead me to believe that someone is attacking the office wifi SSID speccifically.

What can I do to diagnose this?

I hope you guys can help me.