What's On Your Network?

← Back to Stories (view on slashdot.org)

Posted by Zonk on Sunday July 17, 2005 @05:44AM from the sneaky-goings-on dept.

An anonymous reader writes "According to a Whitedust article you may currently have more on your network than you think you do. The article claims that not much security attention is generally given to one of the most elusive aspects of computer security; that of physical connectivity." From the article: "Broadcast traffic is on the rise, with more suspicious user activity in the logs every day. Then one morning you get a call from your irate boss wanting to know why he no longer has a network connection, yet the employees - or students or whoever - down the hall are able to play games and visit porn sites, at blazing speeds no less."

3 of 188 comments (clear)

Min score:

Reason:

Sort:

Re:Maybe this is just me... by Homology · 2005-07-17 06:01 · Score: 4, Informative

but isn't this the sort of stuff that ANY network admin worth their salt should be completely aware of? If they need to be told this stuff they are not (IMHO) worth employing as other than apprentice network engineers. Or is this level of admin common in Windows environments?
Sure, where the employer can pay for it you'll have very good administrators, be it Windows or not. On most smaller sites, the administrator is not a full-time administrator, and is doing administration ad-hoc to his real job. This usually means that he does not have much training in this, nor much time for it either. Now, with all these (useful) Plug-and-Play devices you are bound to have some problems.
Tight Network by tburt11 · 2005-07-17 06:04 · Score: 4, Informative

I maintain a relatively small network of about 50 workstations and about two dozen other devices.
I distribute IP's thru DHCP, and I maintain an ACL via IPTABLES on my Linux router. DHCP distributes IP's based on MAC accress, and I do allow unknown MAC's to get an IP.

The trick is, that any IP that I did not setup in DHCP, is blocked via the ACL to all Internet Access.

Invariably, I get some VP/EXEC/VIP, call me and ask why his visiting sales rep cannot access his email. I walk into the office and the fellow has jacked into my network.

My reply is Sorry.. You can use our WLAN for internet access. No jacking into the network.

The WLAN is connected outside the firewall, so whatever they do there is of no concern to me.

Yes, there are flaws in this method, but so far, it has brought every unathorized network connection to my attention...
A Simple Security Precaution by Ed+Almos · 2005-07-17 06:07 · Score: 4, Informative

Unplug unused network points.

Three months ago we had a security audit carried out by an external company. The first thing they did was find a couple of unused offices and plug their laptops into the network points. I'm glad to say that there was no result.

If you want to take this further then use managed switches and assign each port in use to a specific MAC address. That way if a 'visitor' pulls the plug on one of your computers and plugs their machine there will still be a nil result.

Ed Almos
Budapest, Hungary

--
The more corrupt the state, the more numerous the laws. - Tacitus, 56-120 A.D.