Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Linux
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Network "Change Management"

from [Evan Pierce] Network Security [Permanent Link]
Subject: RE: Network "Change Management"
Date: Thu, 16 Sep 2004 23:15:23 +0200 
Dave

Why not rather restrict DHCP to an allowed list of MAC addresses? And lock a
specific port onto a specific MAC address or if you have too many users that
are mobile (plug into many different ports) use EAP or 802.1x authentication
from the switch to a Radius server and block things that way. Most modern
switches will allow this.

Thanks
Evan

-----Original Message-----
From: Dave Torre [mailto:dtorre@fostercity.org] 
Sent: 14 September 2004 07:53 PM
To: focus-linux@securityfocus.com
Subject: Network "Change Management"

Does anyone know of a Linux utility that can watch the MAC address tables in
Cisco switches and alert admins as to when a new device has been plugged in?

Basically, we have your standard client network with DHCP. Internet access
is restricted to authenticated users, and so are the file shares.
However, we've had a few instances where people just plug in their personal
laptops which makes me very worried...

Any thoughts/suggestions as to how I can monitor such events in real time?

Thanks,
-Dave
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Network "Change Management", Darrell Hyde
Next by Date:  Re: Network "Change Management", okeeffe
Previous by Thread:  RE: Network "Change Management", Darrell Hyde
Next by Thread:  RE: Network "Change Management", Jose Hidalgo Herrera
Indexes:  [Date] [Thread] [Top] [All Lists]