RE: Scan for "outsider" Pcs on network



If security is paramount then you would want to setup your switching fabric
to perform MAC based restrictions by port. This is one of the best ways of
making sure you know what's hooked up. Anyone just trying to hook up to a
port will get nowhere.

Of course, this doesn't prevent someone from going up to a machine that's
already allowed on the 'net and doing what ever they please.

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On
Behalf Of Lim Ming Wei
Sent: Saturday, September 09, 2006 5:08 AM
To: dhamm@xxxxxxxxxxxxxxxxxx; focus-ids@xxxxxxxxxxxxxxxxx
Subject: RE: Scan for "outsider" Pcs on network

I come across a program call air-snare that is able to detect that. But you
will need to have a list of all your systems mac address. It is like an IDS
program. I believe that most of the IDS program is able to do that.


-----Original Message-----
From: dhamm@xxxxxxxxxxxxxxxxxx [mailto:dhamm@xxxxxxxxxxxxxxxxxx]
Sent: Friday, March 03, 2006 7:48 AM
To: focus-ids@xxxxxxxxxxxxxxxxx
Subject: Scan for "outsider" Pcs on network

Is there a way to setup a scan and be notified of an intruding pc that is
physically plugged into the network? When you have an enviroment with a
large amount of network jacks, it's hard to make sure the ones no longer in
use are turned off, and that no "visitors" have sat down to use your network
connections, esp. if you have a large amount of contractors in and out. It
got me to searching the net, and so far I have found one cemmercial product
that can do it, but nothing else. Any suggestions?

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------



------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=in
tro_sfw
to learn more.
------------------------------------------------------------------------


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------



Relevant Pages

  • Re: A question about a basic security setup...
    ... > I have been thinking about a setup for my basic ADSL network at home that ... > before I go through motions of setting up the network. ... > I am running a web server on port 80. ... > machine for all port 80 requests. ...
    (Security-Basics)
  • RE: How to find a changing IP on ethernet network
    ... called "port security". ... tell it how many MAC ... to issue an SMTP trap to your Network Management ...
    (Security-Basics)
  • Re: Airport Express-Airtunes via a Linksys WAG54G Router/Gateway
    ... connect it to my existing wireless network in client mode. ... As soon as I have completed the setup using Airport Setup Assistant, ... namely using MAC addresses. ...
    (comp.sys.mac.comm)
  • Re: Networking over mains cables
    ... blocking just about every port except the basic ones needed to ... without blocking him completely it was useable. ... When entering a network key, ... allow the MAC addresses of the machines I know about. ...
    (comp.sys.acorn.networking)
  • Re: How Do I Keep Private Computers Off of Our Network?
    ... I recommend enabling port security on on all the switches; ... port to the system's MAC address and then disabling the unused ports. ... If you really need to lock it down then Network Access Control through ... are using their business computer's wired connection to connect ...
    (microsoft.public.windows.server.active_directory)