Security Basics mailing list archives
Re: Network scanning
From: White-Tiger <white-tiger () rocketmail com>
Date: Sat, 9 Aug 2003 08:18:58 -0700 (PDT)
I am sorry I got on this late... Some switches support eapol that works with a radius server to auth mac address at port level before the switch will enable that port... I have done limited testing. If you unplug a live connect, not only will someone be calling saying that something doesn't work, but when they plug in there NIC the switch will see a new MAC and disable the port. Some one can give some ideas about MAC spoofing, But doesn't the NIC give its real MAC to the switch while you are trying to spoof someone elses MAC? if this is the case, then you can disable and port that is not a known MAC. I have a baystack450, and I can setup the MAC in each of the switchs, but that will be kinda hard to maintain. So I am looking at free radius for OpenBSD that supports eapol, so I can just setup a file with all allowed MACs. Hope this helps, sorry if someone already said this, I am a little late on the thread. WT --- Sebastian Schneider <ses () straightliners de> wrote:
On Friday 08 August 2003 14:19, CHRIS GRABENSTEIN wrote:As far as the hard wires, I think the best solution isto search out thoseunused ports and unplug them from the switch. They canbe quicklyreconnected if needed, and you'll know about it.I guess you're actually aware, that not everyone is locking up rooms containing switches. And just plugging out unused cables won't be sufficient, since usually I just can plug out any computer and plug in my own.|-----Original Message----- |From: netsec novice [mailto:netsec9 () hotmail com] |Sent: Thursday, August 07, 2003 4:51 PM |To: security-basics () securityfocus com |Subject: Network scanning | | |Are there tools out there that would allow systemadministrators to be|notified when a new workstation attaches to a network?I'm|thinking both |wireless and ethernet in this case. SNMP maybe? I amin a|credit union |environment and my concern is that someone would beable to steal an|existing jack or a jack that is not physicallyprotected but|live and be |able to capture traffic or do reconaissance. We don'thave|Wireless access |at this point but may look to it in the future. Myonly|thought in that |case would be to encrypt all traffic since wirelesssecurity|is a bit scary |at this point. Any ideas?
---------------------------------------------------------------------------
---------------------------------------------------------------------------
--- ----------------------------- straightLiners IT Consulting & Services Sebastian Schneider Metzer Str. 12 13595 Berlin Germany Phone: +49-30-3510-6168 Fax: +49-30-3510-6169 Mail: ses () straightliners de Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet. This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
---------------------------------------------------------------------------
----------------------------------------------------------------------------
__________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: Network scanning, (continued)
- RE: Network scanning Paul Farag (Aug 08)
- Re: Network scanning James Fields (Aug 07)
- RE: Network scanning Simon (Aug 11)
- RE: Network scanning White-Tiger (Aug 12)
- Re: Network scanning himicos (Aug 13)
- Re: Network scanning Bradley Adams (Aug 07)
- Re: Network scanning Jeff MacDonald (Aug 07)
- RE: Network scanning Jason Armstrong (Aug 08)
- RE: Network scanning CHRIS GRABENSTEIN (Aug 08)
- Re: Network scanning Sebastian Schneider (Aug 08)
- Re: Network scanning White-Tiger (Aug 11)
- Re: Network scanning Sebastian Schneider (Aug 11)
- RE: Network scanning Ethan (Aug 12)
- Re: Network scanning Jeff Lumley (Aug 12)
- Re: Network scanning Sebastian Schneider (Aug 08)
- Re: Network scanning Sebastian Schneider (Aug 11)