[unisog] Network security police no hubs/switches/routers?

Hall, Rand rand at merrimack.edu
Tue May 24 14:08:10 GMT 2005


I can turn on BPDU Guard etc...but it still costs me $50+ to handle the
help desk call when it kicks in. 

For many of us, I think the important part of our policy is the word
"unauthorized." We don't usually have a problem authorizing network
extensions--we just want to know about them and make sure they're done
right.

Rand

-----Original Message-----
From: unisog-bounces at lists.sans.org
[mailto:unisog-bounces at lists.sans.org] On Behalf Of Kang Liu
Sent: Monday, May 23, 2005 8:51 PM
To: 'UNIversity Security Operations Group'
Subject: RE: [unisog] Network security police no hubs/switches/routers?

In this situation, there might be a looped cable on the cheap hub. What
kind
of switches do you use in your campus network? My university uses Cisco
2950
as access layer switches; it can detect this kind of problem, and put
the
port into err-disable state, even when spanning-tree is not functional.
The
unicast/broadcast storm can be filtered by applying storm-control
threshold
policy.

Kang




More information about the unisog mailing list