Re: Network "Change Management"
From: Sam Baskinger (sam_at_reefedge.com)
Date: 09/16/04
- Previous message: Darrell Hyde: "RE: Network "Change Management""
- In reply to: Dave Torre: "Network "Change Management""
- Next in thread: Evan Pierce: "RE: Network "Change Management""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 16 Sep 2004 14:05:07 -0400 To: Dave Torre <dtorre@fostercity.org>
Hi Dave and Folks,
The "canonical" solution is to put an IDS on a monitoring port on the
Cisco. That device will see all traffic on the switch and you can run
something like arpd. The nice thing about this is that there is no
polling involved. When a new PDU appears the arpd can take action
immdiately.
Hope this helps.
Sam
Dave Torre wrote:
>Does anyone know of a Linux utility that can watch the MAC address
>tables in Cisco switches and alert admins as to when a new device has
>been plugged in?
>
>Basically, we have your standard client network with DHCP. Internet
>access is restricted to authenticated users, and so are the file shares.
>However, we've had a few instances where people just plug in their
>personal laptops which makes me very worried...
>
>Any thoughts/suggestions as to how I can monitor such events in real
>time?
>
>Thanks,
>-Dave
>
>
- Previous message: Darrell Hyde: "RE: Network "Change Management""
- In reply to: Dave Torre: "Network "Change Management""
- Next in thread: Evan Pierce: "RE: Network "Change Management""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
