RE: Network "Change Management"
From: Evan Pierce (evan_at_pierce.co.za)
Date: 09/16/04
- Previous message: Sam Baskinger: "Re: Network "Change Management""
- In reply to: Dave Torre: "Network "Change Management""
- Next in thread: Jose Hidalgo Herrera: "RE: Network "Change Management""
- Reply: Jose Hidalgo Herrera: "RE: Network "Change Management""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Dave Torre'" <dtorre@fostercity.org>, <focus-linux@securityfocus.com> Date: Thu, 16 Sep 2004 23:15:23 +0200
Dave
Why not rather restrict DHCP to an allowed list of MAC addresses? And lock a
specific port onto a specific MAC address or if you have too many users that
are mobile (plug into many different ports) use EAP or 802.1x authentication
from the switch to a Radius server and block things that way. Most modern
switches will allow this.
Thanks
Evan
-----Original Message-----
From: Dave Torre [mailto:dtorre@fostercity.org]
Sent: 14 September 2004 07:53 PM
To: focus-linux@securityfocus.com
Subject: Network "Change Management"
Does anyone know of a Linux utility that can watch the MAC address tables in
Cisco switches and alert admins as to when a new device has been plugged in?
Basically, we have your standard client network with DHCP. Internet access
is restricted to authenticated users, and so are the file shares.
However, we've had a few instances where people just plug in their personal
laptops which makes me very worried...
Any thoughts/suggestions as to how I can monitor such events in real time?
Thanks,
-Dave
- Previous message: Sam Baskinger: "Re: Network "Change Management""
- In reply to: Dave Torre: "Network "Change Management""
- Next in thread: Jose Hidalgo Herrera: "RE: Network "Change Management""
- Reply: Jose Hidalgo Herrera: "RE: Network "Change Management""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
