[nsp] Using router or switch to detect "other" switches.

Hudson Delbert J Contr 61 CS/SCBN Delbert.Hudson at LOSANGELES.AF.MIL
Thu Feb 5 15:52:23 EST 2004


chuck,

thanx.

more ammunition for engineering documents i gotta write for ncc 
centralization and consolidation taskers around here that utilize
port security based on mac addy. 

industry forums are considered valid resources of engineering solutions.

~v/r
Del Hudson
61CS/SCBN - LAAFB NCC
Network Architecture & Engineering Group
delbert.hudson at losangeles.af.mil



-----Original Message-----
From: Church, Chuck [mailto:cchurch at wamnetgov.com]
Sent: Thursday, February 05, 2004 10:58 AM
To: Chapman, Matt; cisco-nsp at puck.nether.net
Cc: Sagon, Keith
Subject: RE: [nsp] Using router or switch to detect "other" switches.


Enabling port security, allowing only 1 mac at a time per port will put a
quick end to the Netgears.  Also, I think there is something called
'bpdu-guard' that will let a port function in either port fast mode or with
spanning tree totally off.  But if it receives a BPDU on that port, it shuts
it down immediately.  Other than that, you could span the VLAN and look for
non-Cisco BPDUs, based on the MAC OUI.

Chuck Church
CCIE #8776, MCNE, MCSE
Wam!Net Government Services
13665 Dulles Technology Dr. Ste 250
Herndon, VA 20171
Office: 703-480-2569
Cell: 703-819-3495
cchurch at wamnetgov.com
PGP key:
http://pgp.mit.edu:11371/pks/lookup?op=index&search=cchurch%40wamnetgov.com

> -----Original Message-----
> From: Chapman, Matt [mailto:chapmam2 at ocps.k12.fl.us]
> Sent: Thursday, February 05, 2004 9:26 AM
> To: cisco-nsp at puck.nether.net
> Cc: Sagon, Keith
> Subject: [nsp] Using router or switch to detect "other" switches.
> 
> 
> 
> Is it possible to do rogue detection of switches that are not Cisco
> similar to how you can use the Cisco Aironets to detect rogue Access
> Points?
> 
> We are in a fight to find and replace those pesky little Netgear
> switches that so many people are using to get around pulling a wire or
> even using a Cisco 2940.
> 
> Thanks,
> 
> -- Matt Chapman
> 
> Matt Chapman
> Network Engineer
> 
> "I think computer viruses should count as life. I think it says
> something about human nature that the only form of life we have created
> so far is purely destructive. We've created life in our own image."
> Stephen Hawking (1942 - )
> 
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 
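The last suggestion in Chuck's reply (span the VLAN and look for BPDUs whose source MAC OUI is not Cisco) can be sketched as below. This is an added example, not code from anyone in the thread; the function names are hypothetical, and the allowlist contents and sample frames are constructed. It only sees devices that actually send IEEE BPDUs.

```python
import struct
from collections import Counter

STP_DST = bytes.fromhex("0180c2000000")  # IEEE 802.1D bridge group address
LLC_STP = bytes.fromhex("424203")        # DSAP 0x42, SSAP 0x42, UI control
# Assumption: OUIs of the switches you deploy. 00:00:0c is one Cisco OUI;
# extend the set from the IEEE registry for your own hardware.
ALLOWED_OUIS = {bytes.fromhex("00000c")}

def parse_bpdu(frame):
    """Return (src_mac, bridge_mac or None) for an IEEE BPDU, else None."""
    if len(frame) < 21 or frame[0:6] != STP_DST or frame[14:17] != LLC_STP:
        return None
    (length,) = struct.unpack("!H", frame[12:14])  # 802.3 length field
    bpdu = frame[17:14 + length]                   # drops Ethernet padding
    if length > 1500 or bpdu[0:2] != b"\x00\x00":  # protocol id must be 0
        return None
    src = frame[6:12]
    if len(bpdu) < 35 or bpdu[3] != 0x00:          # TCN, RSTP or truncated
        return src, None
    return src, bpdu[19:25]  # bridge id = 2-byte priority + 6-byte MAC

def find_foreign_bridges(frames):
    """Count BPDUs per source MAC where any seen OUI is not allowlisted."""
    hits = Counter()
    for src, bridge in filter(None, map(parse_bpdu, frames)):
        if any(m and m[:3] not in ALLOWED_OUIS for m in (src, bridge)):
            hits[src.hex(":")] += 1
    return dict(hits)

def build_frame(src_hex, bridge_hex):
    """Constructed 802.1D configuration BPDU, padded to 60 bytes."""
    bridge_id = bytes.fromhex("8000" + bridge_hex)
    bpdu = (b"\x00\x00\x00\x00\x00" + bridge_id + b"\x00" * 4 + bridge_id
            + bytes.fromhex("80010000140002000f00"))
    body = LLC_STP + bpdu
    frame = STP_DST + bytes.fromhex(src_hex) + struct.pack("!H", len(body)) + body
    return frame.ljust(60, b"\x00")

# Constructed sample capture: one allowlisted bridge, one unknown, one non-BPDU.
SAMPLE_FRAMES = [
    build_frame("00000caabb01", "00000caabb00"),
    build_frame("00095b112233", "00095b112233"),
    build_frame("00095b112233", "00095b112233"),
    b"\xff" * 6 + bytes.fromhex("00095b112233") + b"\x08\x06" + b"\x00" * 46,
]
if __name__ == "__main__":
    print(find_foreign_bridges(SAMPLE_FRAMES))
```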
