It would be sort of odd for someone to go in a back room and pull out a computer, whip it up on the switch and proceed to fire up ethereal. Yet not impossible using a switch that locks down would deffinitely help but you also got to remember ARP cache poisoning is a major factor in what you are talking about. If you can lock the switch down to 1 mac per port, and close all ports that don't have a patch cable hooked up to them, you are pretty good. WIFI in my opinion would not exactly be sufficient for a credit union as even while it's encrypted, it is not very secure. Although if you had to do something to the sort I would suggest checking out 'ipsec'. I'm not sure how far they are in the completion of it yet.
--Noah McNallie AKA K-sPecial ----- Original Message ----- From: "Ethan" <[EMAIL PROTECTED]> Date: Mon, 11 Aug 2003 18:06:28 -0700 To: "'Sebastian Schneider'" <[EMAIL PROTECTED]>, "'CHRIS GRABENSTEIN'" <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> Subject: RE: Network scanning > Most newer switches can lock down how many mac addresses are allowed to > be sourced on one port.. if that amount is reached, the port can be > disabled or other action taken (snmp trap, etc)... I know there are > plenty of cisco switches that do this anyhow, I'm sure there are > others... > > Ethan > > > > -----Original Message----- > From: Sebastian Schneider [mailto:[EMAIL PROTECTED] > Sent: Friday, August 08, 2003 12:10 PM > To: CHRIS GRABENSTEIN; [EMAIL PROTECTED] > Subject: Re: Network scanning > > On Friday 08 August 2003 14:19, CHRIS GRABENSTEIN wrote: > > > As far as the hard wires, I think the best solution is to search out > those > > unused ports and unplug them from the switch. They can be quickly > > reconnected if needed, and you'll know about it. > > I guess you're actually aware, that not everyone is locking up rooms > containing switches. > And just plugging out unused cables won't be sufficient, since usually > I just can plug out any computer and plug in my own. > > > > |-----Original Message----- > > |From: netsec novice [mailto:[EMAIL PROTECTED] > > |Sent: Thursday, August 07, 2003 4:51 PM > > |To: [EMAIL PROTECTED] > > |Subject: Network scanning > > | > > | > > |Are there tools out there that would allow system administrators to > be > > |notified when a new workstation attaches to a network? I'm > > |thinking both > > |wireless and ethernet in this case. SNMP maybe? I am in a > > |credit union > > |environment and my concern is that someone would be able to steal an > > |existing jack or a jack that is not physically protected but > > |live and be > > |able to capture traffic or do reconaissance. We don't have > > |Wireless access > > |at this point but may look to it in the future. My only > > |thought in that > > |case would be to encrypt all traffic since wireless security > > |is a bit scary > > |at this point. Any ideas? > > > > > ------------------------------------------------------------------------ > --- > > > ------------------------------------------------------------------------ > --- > >- > > -- > > ----------------------------- > straightLiners IT Consulting & Services > Sebastian Schneider > Metzer Str. 12 > 13595 Berlin > Germany > > Phone: +49-30-3510-6168 > Fax: +49-30-3510-6169 > Mail: [EMAIL PROTECTED] > > > Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte > Informationen. > Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich > erhalten haben, > informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. > Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist > nicht > gestattet. > > This e-mail may contain confidential and/or privileged information. > If you are not the intended recipient (or have received this e-mail in > error) > please notify the sender immediately and destroy this e-mail. Any > unauthorized > copying, > disclosure or distribution of the material in this e-mail is strictly > forbidden. > > ------------------------------------------------------------------------ > --- > ------------------------------------------------------------------------ > ---- > > > --------------------------------------------------------------------------- > ---------------------------------------------------------------------------- > -- ______________________________________________ http://www.linuxmail.org/ Now with e-mail forwarding for only US$5.95/yr Powered by Outblaze --------------------------------------------------------------------------- ----------------------------------------------------------------------------
