Security Basics mailing list archives
RE: Comparing hosts on a network to text file
From: "Morris, Andi" <amorris () cardiffmet ac uk>
Date: Tue, 7 Aug 2012 15:45:19 +0000
We have NAC on that section of the network, and it works a treat, but a small subsection will not quite play ball with the NAC, namely non-dot1x devices such as games consoles. Until such time that I can tweak the NAC to assign a separate vlan to these devices we are having to do it manually via DHCP reservations. You raised a good idea there about mac-filtering. I know I could run mac filtering on the wireless network for that SSID, but I'm not sure about on our Catalyst 2950s. I'll investiage. Cheers all for your responses. Andi From: Alexander Torres [mailto:alexltk0506 () gmail com] Sent: 07 August 2012 16:38 To: Morris, Andi Subject: Re: Comparing hosts on a network to text file How are devices connecting? Are they connecting to an access point or directly via cable? If this is for security reasons you may want to look at other options, such as VLAN segments, IDS, IPS, DHCP scopes, port blocking, Mac filtering, NAC... just to name a few. By the time you run a scan and compare the results an attacker has already gather the data they were looking for and left without a trace. On Tue, Aug 7, 2012 at 9:37 AM, Morris, Andi <amorris () cardiffmet ac uk> wrote: Hi all, I'm looking to create a script, or use something already in existence to scan a network for hosts, returning the mac addresses active on the network. The script should then compare the mac addresses discovered to a prepopulated text file and somehow notify me of any discrepancy. I'd imagine nmap would be the tool I'm after. The scenario is: I have a network that has a filled DHCP scope. When a user registers a device with us we assign them an IP address on the Windows DHCP server. We are trying to avoid users manually giving themselves an IP address from this range and gaining access. My plan was to have a script poll the network every 'n' minutes to compare the mac addresses on the network to those that we have reserved IPs for and to email the details of any rogue clients to a designated mailbox . Does this sound feasible and does anyone know of a tool that would already exist for this before I spend hours learning and configuring nmap (not time badly spent I admit). Cheers, Andi --------------------------------------------------------------- Andi Morris Technical Security Analyst Systems and Communications Services Information Services Division Cardiff Metropolitan University Cardiff Wales CF5 2YB 02920 205720 -------------------------------------------------------------- ________________________________
From 1st November 2011 UWIC changed its title to Cardiff Metropolitan University. From the 6th December 2011, as part of this change, all email addresses which included @uwic.ac.uk have changed to @cardiffmet.ac.uk. All emails sent from Cardiff Metropolitan University will now be sent from the new @cardiffmet.ac.uk address. Please could you ensure that all of your contact records and databases are updated to reflect this change. Further information can be found on the website here.<http://www3.uwic.ac.uk/English/News/Pages/UWIC-Name-Change.aspx>
Ar Dachwedd y 1af 2011 newidiodd UWIC ei henw i Brifysgol Fetropolitan Caerdydd. O Ragfyr 6ed, fel rhan o'r newid yma, bydd pob cyfeiriad e-bost sy'n cynnwys @uwic.ac.uk yn newid i @cardiffmet.ac.uk. Bydd yr holl ebyst a ddanfonir o Brifysgol Fetropolitan Caerdydd yn cael eu danfon o'r cyfeiriad @cardiffmet.ac.uk newydd. Gwnewch yn siwr eich bod yn diweddaru eich cofnodion cyswllt a'ch cronfeydd data i adlewyrchu hyn. Gellir cael rhagor o wybodaeth ar y wefan yma.<http://www3.uwic.ac.uk/English/News/Pages/UWIC-Name-Change.aspx> ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Comparing hosts on a network to text file Morris, Andi (Aug 07)
- Message not available
- RE: Comparing hosts on a network to text file Morris, Andi (Aug 07)
- Re: Comparing hosts on a network to text file !s3grim (Aug 07)
- RE: Comparing hosts on a network to text file Morris, Andi (Aug 07)
- Message not available
- Re: Comparing hosts on a network to text file Johannes Truschnigg (Aug 07)
- RE: Comparing hosts on a network to text file Dave Kleiman (Aug 07)
- RE: Comparing hosts on a network to text file Demetris Papapetrou (Aug 09)
- RE: Comparing hosts on a network to text file Steve Steiner (Aug 10)
- RE: Comparing hosts on a network to text file Simon Thornton (Aug 10)
- RE: Comparing hosts on a network to text file Mike Saldivar (Aug 10)