Full Disclosure mailing list archives

RE: Rogue Network Link Detection

From: "Randall M" <randallm () fidmail com>
Date: Tue, 6 Dec 2005 05:58:23 -0600

 

::::-----Original Message-----
::::From: full-disclosure-bounces () lists grok org uk 
::::[mailto:full-disclosure-bounces () lists grok org uk] On 
::::Behalf Of H D Moore
::::Sent: Monday, December 05, 2005 11:42 PM
::::To: full-disclosure () lists grok org uk
::::Subject: [Full-disclosure] Rogue Network Link Detection
::::
::::"Unauthorized network links are one of the biggest problems 
::::facing large enterprise networks. Users intent on bypassing 
::::corporate proxies will often use cable modems, wireless 
::::networks, or even full-fledged T1s to access the internet. 
::::These network links can have a drastic affect on 
::::organizational security; any perimeter access controls are 
::::completely bypassed, making it nearly impossible for the 
::::administrators to effectively concentrate their monitoring 
::::and intrusion prevention efforts. This document attempts to 
::::describe different approaches and techniques that can be 
::::used to detect these rogue network links."
::::
::::http://metasploit.com/research/misc/rogue_network/
::::
::::-HD
::::_______________________________________________
::::Full-Disclosure - We believe in it.
::::Charter: http://lists.grok.org.uk/full-disclosure-charter.html
::::Hosted and sponsored by Secunia - http://secunia.com/
::::

We FINALY fix that problem. We implemented VMPS/Vlans using MAC address. Any
rogue is placed in deny. 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Rogue Network Link Detection H D Moore (Dec 05)
- Re: Rogue Network Link Detection DanB-FD (Dec 06)
- RE: Rogue Network Link Detection Randall M (Dec 06)