Detection of Rogue Access Points

Raymond Burkholder ray at oneunified.net
Thu Oct 18 14:10:07 UTC 2012


> I like the idea of looking at the ARP table periodically, but this
presents
> some possible issues for us. The edge routers at our remote sites are
Cisco
> 1841 devices, typically with either an MPLS T1 or a Public T1 (connected
> via an IAD owned by Centurylink; router to router, so dumb). Aside from
> manually logging in to those individual routers (all 140 or so of them)
and
> checking them on a schedule, can anyone think of a good way to capture
that
> information automatically? If I had to I could probably come up with a
> script to log in to them and scrape the info then process it but...eww.

NetDisco knows how to scan networks for mac addresses, arp addresses, ip
addresses, etc.  It keeps track of deltas.  It may have be able to email
deltas or something similar.    Or run a query against the database, as I
seem to recall it seems to hold historical data.


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.





More information about the NANOG mailing list