Detection of Rogue Access Points

Ryan McBride mcbride at countersiege.com
Tue Oct 16 23:22:52 UTC 2012


On Mon, Oct 15, 2012 at 04:31:34PM -0700, Joe Hamelin wrote:
> I think it would be cheaper to have a script written that would grab the
> ARP table of each site and then compare to what is known.  Kind of an ARP
> tripwire. 

Netdisco does this, and more (reports on ports which have more than 1
MAC address, devices from known wireless manufacturers, search MAC
address by manufacturer, etc).

http://www.netdisco.org/



More information about the NANOG mailing list