[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-disclosure] Rogue Network Link Detection
- To: "'H D Moore'" <fdlist@xxxxxxxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: RE: [Full-disclosure] Rogue Network Link Detection
- From: "Randall M" <randallm@xxxxxxxxxxx>
- Date: Tue, 6 Dec 2005 05:58:23 -0600
::::-----Original Message-----
::::From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
::::[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On
::::Behalf Of H D Moore
::::Sent: Monday, December 05, 2005 11:42 PM
::::To: full-disclosure@xxxxxxxxxxxxxxxxx
::::Subject: [Full-disclosure] Rogue Network Link Detection
::::
::::"Unauthorized network links are one of the biggest problems
::::facing large enterprise networks. Users intent on bypassing
::::corporate proxies will often use cable modems, wireless
::::networks, or even full-fledged T1s to access the internet.
::::These network links can have a drastic affect on
::::organizational security; any perimeter access controls are
::::completely bypassed, making it nearly impossible for the
::::administrators to effectively concentrate their monitoring
::::and intrusion prevention efforts. This document attempts to
::::describe different approaches and techniques that can be
::::used to detect these rogue network links."
::::
::::http://metasploit.com/research/misc/rogue_network/
::::
::::-HD
::::_______________________________________________
::::Full-Disclosure - We believe in it.
::::Charter: http://lists.grok.org.uk/full-disclosure-charter.html
::::Hosted and sponsored by Secunia - http://secunia.com/
::::
We FINALY fix that problem. We implemented VMPS/Vlans using MAC address. Any
rogue is placed in deny.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/