Rogue Detection and Countermeasures 547Nortel WLAN Security Switch 2300 Series Configuration GuideConfiguring an Attack ListThe attack list specifies the MAC address of devices that WSS Software should issue countermeasures against wheneverthe devices are detected on the network. The attack list can contain the MAC addresses of APs and clients.By default, the attack list is empty. The attack list applies only to the WSS switch on which the list is configured. WSSswitches do not share attack lists.To add an entry to the list, use the following command:set rfdetect attack-list mac-addrThe following command adds MAC address aa:bb:cc:44:55:66 to the attack list:23x0# set rfdetect attack-list 11:22:33:44:55:66success: MAC 11:22:33:44:55:66 is now in attacklist.To display the attack list, use the following command:show rfdetect attack-listThe following example shows the attack list on WSS switch:23x0# show rfdetect attack-listTotal number of entries: 1Attacklist MAC Port/Radio/Chan RSSI SSID----------------- ----------------- ------ ------------11:22:33:44:55:66 dap 2/1/11 -53 rogue-ssidTo remove a MAC address from the attack list, use the following command:clear rfdetect attack-list mac-addrThe following command clears MAC address 11:22:33:44:55:66 from the attack list:23x0# clear rfdetect attack-list 11:22:33:44:55:66success: 11:22:33:44:55:66 is no longer in attacklist.