Skip to main content
Version: 1.1.x

UNEXPECTED_SSID

Summary#

One of our stations (access points) is advertising a SSID (network name) that we did not expect. An attacker might have gained access to access point configuration and could have created a new wireless network. This alert can also indicate actions of an attacker who is not careful with the spoofing of BSSIDs (hardware addresses) of access points.

Possible False Positives#

  • A new network (for example, a guest network) was created by a legitimate administrator and the nzyme configuration has not been updated yet.

Notes#

  • None

See Also#