IDS: Re: Scan for "outsider" Pcs on network

[<auto62996 () hushmail com>]

You don't need a username or password!! The legitimate device
attached to the hub keeps the switch port open.

On Sat, 25 Mar 2006 17:48:45 +0100 Eagle Fire 
<tlecuauhtli () googlemail com> wrote:
> I guess the cleaner has a username and a password to authenticate
> its router to the node with 802.1x. If it thats the case, any bad 
> use
> of the network with this username would be log. As a network admin 
> you
> can even disconect the node. If you have the key, you can open the
> door. What we are trying to protect with 802.1X is the access 
> without
> the key.
>
>   If the cleaner does not have a username and password, sorry, 
> you do
> not have access to the network even with your router.
>
> -tlecu
>
>
>
>
> > Terrible analogy (but aren't they always?). Let's try again. I'm 
> a cleaner in an office. Rather than the $10 hub I splash out and 
> buy a $30 wireless hub and router. One evening, I unplug a network 
> printer and attach my router to the network and the printer to the 
> router.
> > Stick it under a table or behind a filing cabinet and in most 
> offices no one will have a clue that it is there. The whole street 
> now has access to your network and 802.1x won't help you one bit.
> > How does that fit your analogy?


Concerned about your privacy? Instantly send FREE secure email, no account required
http://www.hushmail.com/send?l=480

Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------