Re: Network scanning

[Rory <nazgul () csn ul ie>]

for the wireless stuff I would just do mac filtering, any host that is not
in the list of mac address is not allowed to join the wireless network. Of
course the network traffic can still be sniffed using any laptop but you
can just encrypt the traffic over wireless as you suggested. The mac
filtering is something easy to setup and makes sure you don't end up
handing out access to the network to some dude out in in the parking lot.

AS for the other stuff i'm not too sure as SNMP is not something I have
used, running a snort box in the network checking for scanning activity is
also a good precaution that way you are also guarding against any unhappy
employee's looking to make your job harder.

On Thu, 7 Aug 2003, netsec novice wrote:

> Are there tools out there that would allow system administrators to be
> notified when a new workstation attaches to a network?  I'm thinking both
> wireless and ethernet in this case.  SNMP maybe?  I am in a credit union
> environment and my concern is that someone would be able to steal an
> existing jack or a jack that is not physically protected but live and be
> able to capture traffic or do reconaissance.  We don't have Wireless access
> at this point but may look to it in the future.  My only thought in that
> case would be to encrypt all traffic since wireless security is a bit scary
> at this point.  Any ideas?
>
> _________________________________________________________________
> The new MSN 8: smart spam protection and 2 months FREE*
> http://join.msn.com/?page=features/junkmail
>
>
> ---------------------------------------------------------------------------
> ----------------------------------------------------------------------------

---------------------------------------------------------------------------
----------------------------------------------------------------------------