Re: MAC Address Monitoring

Author	All Replies
alamarco Haruhi join:2003-06-18 Windsor, ON clubs: ·Cogeco Cable	reply to LLigetfa Re: MAC Address Monitoring By illegal I mean MAC's which I know aren't PC's on my network. From Arpwatch quote: Arpwatch is a tool that monitors ethernet activity and keeps a database of ethernet/ip address pairings. I don't think it does what I want. I'll give it an install later (work soon) and see for sure. Any other suggestions?
	to forum · permalink · · 2008-05-10 17:43:32 ·
LLigetfa join:2006-05-15 Fort Frances, ON	said by alamarco : I don't think it does what I want. Ethernet address is MAC address. It's not enough to just watch for MAC addies as MACs could be spoofed/stolen. I use my Fluke software to throw WhatsUp Gold a trap whenever it discovers a new MAC and WUG then fires me off an email. On my hotspot, all my APs and router log to a central syslog server that I monitor with php-syslog-ng. It does not throw alerts. -- Strange as it seems, no amount of learning can cure stupidity, and formal education positively fortifies it. -- Stephen Vizinczey
LLigetfa join:2006-05-15 Fort Frances, ON	to forum · permalink · · 2008-05-10 18:01:29 ·
tubbynet more voices, more choices Premium join:2008-01-16 Mesa, AZ ·Sprint Mobile Broa.. ·Cox HSI ·FrontierNet Intern..	reply to alamarco While I can see the need for this capability, I would like to second the opinion put forth by stevech0 . i run a cisco wireless LAN controller and several cisco LWAPs on my network. additionally, i live in an apartment complex and am blasting out enough RF to cover quite a few units around me. i am using wpa/wpa2 with a shared key (i think this goes by tkip/aes in the consumer router market) and, while i see many clients trying to probe my network (which is something as simple as using windows WZC to view available wireless networks), no one ever associates to my network other than those which i have specifically granted access. if you are really worried about security, i would set up wpa2/aes with a strong key and restricting physical access to LAN ports. additionally, if you are looking at a corporate installation, i would suggest looking at the cisco wireless lan controller (WLC2106) and several cisco lightweight access points (LWAPs). this will provide a great amount of monitoring and flexibility when deploying access points. q.
	to forum · permalink · · 2008-05-10 18:03:30 ·


Thursday, 08-Jan 07:38:53	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 9 years online! © 1999-2009 dslreports.com. page compression OFF