Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Down with DHCP!!!!

from [Brian Loe] Network Security [Permanent Link]
Subject: Re: Down with DHCP!!!!
Date: Wed, 22 Feb 2006 08:38:46 -0600 
Since twenty people asked off-list, I'll just tell you that the
software we're currently using for logging/tracking of MAC/IPs is
Cacti (cacti.org I believe) and the add-on called "MacTrack".

The desktop group here actually uses their AV software to detect rogue
computers - scanning machines to verify the AV software is installed
and has the latest definitions (obviously, if it doesn't, it's not one
of theirs). This isn't free.

On 2/21/06, Brian Loe <knobdy@gmail.com> wrote:

I would make jokes about your last comment, but I'm too weirded out by
this whole thread to even try. The company I work for, which is hardly
at the forefront of security, can tell you when a new machine is added
to the network, the instant it is added. Very soon, we'll be
implementing port security on all of our switches and a centralized
log server to gather data from every device on our network.

Your reasons for wanting to dump DHCP are as flawed as the original
poster's reasoning. Right now I can log into a FREE piece of software
I have implemented here and tell you what MAC address had which IP
address - for any period of time going back 2 weeks (and I could
configure it to keep the records longer). Eventually everything will
be getting logged in such a way that I'll be able to tell you when an
"incident" occured, on what network, via which MAC address on which
port of which switch...etc. I will be doing all of this with freely
available, open source code that you could download and install right
now...if you were in a position to do so.


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  What addresses to put on my NEW black list?, phunked up!
Next by Date:  Re: Down with DHCP!!!!, gigabit
Previous by Thread:  RE: Down with DHCP!!!!, Mitch Pope
Next by Thread:  Re: Down with DHCP!!!!, carowe
Indexes:  [Date] [Thread] [Top] [All Lists]