Hi Ricardo,
I'll just answers about the Nmap related features, to which I am directly
related to (I'm the GSoC student in charge of that one).
On Sun, Jun 17, 2012 at 3:40 PM, Ricardo Duarte <rjt...@hotmail.com> wrote:
> Hi there,
>
> I'm quite new to PacketFence, but so far I'm amazed with the functionality
> it provides.
> I do have some suggestions tho.
> Those are:
>
> - Support for IOS Sensor
> Cisco devices now support an IOS based profiler (IOS Sensor). Catalyst
> switches and wireless controllers running the latest IOS can send interim
> RADIUS accounting messages to the RADIUS server with information about the
> device (DHCP, LLDP, CDP).
> More information here:
> http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/15.0_1_se/device_sensor/guide/sensor_guide.pdf
>
> - Extended Fingerprinting
> As NMAP will be supported soon (SoC), it would be nice to derive a better
> fingerprint with information from it. For example, a printer fingerprint
> could be the result of DHCP and the open ports. That way, we could prevent
> or make it harder for a person to spoof a device.
>
I can definitely work on that. Of course I need more details about what you
have in mind... I'm not a very experienced network administrator, so
sometimes it might be useful to understand exactly which are the killer
features.
After I finish integrating Nmap with PackeFence (which is in course right
now), we can discuss this implementation. It will be fun to contribute with
such improvements.
>
> - Granular violations / per vlan violations
> Some times we just want to trigger violations for some type of users,
> devices or VLANs. For example, I may want to block Bittorrent on guest vlan
> but not on production vlan. I may also want to block bittorrent for regular
> users, but not for VIPs.
>
> Best regards.
>
>
>
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> PacketFence-devel mailing list
> PacketFence-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-devel
>
>
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
PacketFence-devel mailing list
PacketFence-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-devel
