I spent over a week and swapped out access points three times troubleshooting
frequent network drops and disabled laptop wireless cards.
Turns out the network was being attacked:
A hospital had rented space in the same building as one of Brian’s clients,
and the hospital has a Cisco device which detects any nearby access points and
targets them as “rogues” and then hits them with a death flood.
We had to call the hospital and give them our MAC address so they would
classify us as a “friendly” access point and stop hammering us. This is
likely
to become an issue with anyone who uses this Cisco system, such as hospitals,
govt. security acencies, or mega-corporations.
I think the hospital uses a Cisco SWAN WLAN IDS, which “quickly detects,
locates, and automatically shuts down rogue access points.”
See below:
"Jamming for Defense
One a side note, jamming is not just for malicious use. One way of
controlling
rogue access points in an enterprise is the flooding of packets to client
devices that are connected to a rogue access point. Some current wireless
network vendors include a method for creating a denial-of-service situation
for unauthorized wireless implementations by sending packets with the same
characteristics as a valid access points with disassociate packets. These
packets fool the client into thinking that the rogue access point doesn’t
want
to communicate with the device anymore, effectively killing network
connectivty before it can be established. This is a very powerful feature
that
must be used carefully, as legal and political repercussions could arise."
We think the hospital may be breaking the law:
The operation of transmitters designed to jam or block wireless
communications is a violation of the Communications Act of 1934, as
amended (“Act”). See 47 U.S.C. Sections 301, 302a, 333. The Act
prohibits any person from willfully or maliciously interfering with the
radio communications of any station licensed or authorized under the Act
or operated by the U.S. government. 47 U.S.C. Section 333. The
manufacture, importation, sale or offer for sale, including advertising,
of devices designed to block or jam wireless transmissions is
prohibited. 47 U.S.C. Section 302a(b). Parties in violation of these
provisions may be subject to the penalties set out in 47 U.S.C. Sections
501-510. Fines for a first offense can range as high as $11,000 for each
violation or imprisonment for up to one year, and the device used may
also be seized and forfeited to the U.S. government.
Spread the word to all your tech buddies to be on the lookout for this
if you have any clients near hospitals, etc.