[unisog] Network security police no hubs/switches/routers?
rand at merrimack.edu
Tue May 24 14:08:10 GMT 2005
I can turn on BPDU Guard etc...but it still costs me $50+ to handle the
help desk call when it kicks in.
For many of us, I think the important part of our policy is the word
"unauthorized." We don't usually have a problem authorizing network
extensions--we just want to know about them and make sure they're done
From: unisog-bounces at lists.sans.org
[mailto:unisog-bounces at lists.sans.org] On Behalf Of Kang Liu
Sent: Monday, May 23, 2005 8:51 PM
To: 'UNIversity Security Operations Group'
Subject: RE: [unisog] Network security police no hubs/switches/routers?
In this situation, there might be a looped cable on the cheap hub. What
of switches do you use in your campus network? My university uses Cisco
as access layer switches; it can detect this kind of problem, and put
port into err-disable state, even when spanning-tree is not functional.
unicast/broadcast storm can be filtered by applying storm-control
More information about the unisog