Full Disclosure mailing list archives
Re: how to bypass rouge machine detection techniques
From: Michael Holstein <michael.holstein () csuohio edu>
Date: Mon, 11 Jul 2005 15:37:43 -0400
now i am just wondering if the detection technique can be integrated at the switch level. for example, one software can connect to switch via ssh, and collect the ipaddress information of the machine trying to plug in to the network, as soon as we detect this machine, we can connect to it to test whether its a part of trusted domain/network or not.
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/12_1_13/config/dhcp.htmNot 100% of what you asked, but basically requires the device "obey" the trusted DHCP server you define. It's only available on certian edge switches (notably the 35xx and some 29xx units) AFIK.
Cheers, ~Mike. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- how to bypass rouge machine detection techniques Gaurav Kumar (Jul 11)
- RE: how to bypass rouge machine detection techniques Paul Melson (Jul 11)
- Re: how to bypass rouge machine detection techniques Gaurav Kumar (Jul 11)
- Re: how to bypass rouge machine detection techniques Michael Holstein (Jul 11)
- Re: how to bypass rogue machine detection techniques Devdas Bhagat (Jul 11)
- Re: how to bypass rouge machine detection techniques Gaurav Kumar (Jul 11)
- <Possible follow-ups>
- RE: how to bypass rouge machine detection techniques Cassidy Macfarlane (Jul 11)
- RE: how to bypass rouge machine detection techniques Lauro, John (Jul 11)
- RE: how to bypass rouge machine detection techniques Paul Melson (Jul 11)