Re: Detecting multiple hosts behind a single managed switch port

Try SNMP tools and 'switch port mapper' by Solarwinds Engineer's edition

I was doing the same thing this week, enumerating targets from a large Class B internal network during a pen test

Chris Serafin
IT Security / Cisco Engineer
chris@xxxxxxxxxxxxxxxx



Matt Kaar wrote:
Hello all,

I'm looking for a tool that can query a list of managed switches (both
Foundry and Cisco) via SNMP and return ports on those switches that
have more than one end host connected (based on MAC addresses). It
would need to filter out ports that are connected to other managed
switches in the list as well as ports that are setup as trunk links.

I know that there may be some configuration/modification involved in
whatever tool I find, I'm just looking for something that keeps me
from coding it from the ground up.

Any ideas?

Thanks,
Matt

---------------------------------------------------------------------------

This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------







---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

Relevant Pages

  • RE: router access control list
    ... Have read of these to get a feel for extended ACLs on Cisco's: ... open ports for different computers. ... Norwich University ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ...
    (Security-Basics)
  • Re: Am I owned on port 27665
    ... this year and I have confirmed that the two ports did not exist. ... Also the current IOS Version on my Router is 12.4. ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ... The NSA has designated Norwich University a center of Academic ...
    (Security-Basics)
  • Re: Suspected nmap listing - am I under attack?
    ... Filtered in your case means that the services that use these ports are not accessible from the outside world. ... Try to telnet your machine from a remote server, I bet you won't get a connection. ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ... The NSA has designated Norwich University a center of Academic Excellence in Information Security. ...
    (Security-Basics)
  • weird error
    ... the ports on the Firewall but still can not get to the site externally. ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ... The NSA has designated Norwich University a center of Academic Excellence ...
    (Security-Basics)
  • Detecting multiple hosts behind a single managed switch port
    ... I'm looking for a tool that can query a list of managed switches (both ... would need to filter out ports that are connected to other managed ... EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE ... Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. ...
    (Security-Basics)