On Feb 17, 2004, at 11:29 AM, John Watters wrote:
> If you have Cisco gear, you might try enabling PORT SECURITY to limit
> the number of MAC addresses seen on each port. We set our general
> ports to a max of 2 MAC addresses which allows for easy change to a
> new desktop machine but typically hurts wireless users (unless it is
> only their wireless AP & their PC). Ports with known wireless APs are
> set higher (number depending on location & typical use).

This does not help for most APs as they are NATs by default. The only
MAC you'll see is that of the AP. Worse, if someone tries to identify
APs by manufacturer code, most (all?) of them can easily spoof a MAC
address. Although I doubt most people who are plugging in these rogue
APs are going to that much trouble, the more savvy
(dangerous/devious?) users will find it quite easy.

If anybody has any other techniques for finding APs from the wired
side I too would love to hear them.

Michael Fleming
CSU, Bakersfield
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/cg/.
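
The two wired-side checks discussed in this thread, per-port MAC count and manufacturer-code (OUI) matching, as an added example that is not part of either message. It assumes a constructed MAC table in the style of Cisco `show mac address-table` output and a placeholder OUI `aabbcc` that stands in for an AP vendor prefix; the sample shows a bridging AP caught by the count, a NAT AP caught only by its OUI, and a NAT AP with a changed MAC that neither check flags.

```python
import re
from collections import defaultdict

# Constructed sample, styled after Cisco "show mac address-table" output.
# Fa0/2: bridging AP with clients behind it; Fa0/3: NAT AP with vendor MAC;
# Fa0/4: NAT AP presenting a cloned desktop MAC (looks like any PC).
SAMPLE = """\
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  10    0011.2233.4401    DYNAMIC     Fa0/1
  10    0011.2233.4402    DYNAMIC     Fa0/2
  10    0011.2233.4403    DYNAMIC     Fa0/2
  10    0011.2233.4404    DYNAMIC     Fa0/2
  10    aabb.cc00.0001    DYNAMIC     Fa0/3
  10    0011.2233.4405    DYNAMIC     Fa0/4
"""

AP_VENDOR_OUIS = {"aabbcc"}  # placeholder prefix, not a real vendor assignment
MAX_MACS = 2                 # the per-port limit quoted in the thread

ROW = re.compile(
    r"^\s*\d+\s+([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\s+\S+\s+(\S+)\s*$", re.I
)

def macs_by_port(text):
    """Map each switch port to the set of MACs learned on it."""
    ports = defaultdict(set)
    for line in text.splitlines():
        m = ROW.match(line)
        if m:  # header and separator lines do not match
            ports[m.group(2)].add(m.group(1).lower().replace(".", ""))
    return ports

def audit(text, max_macs=MAX_MACS, ap_ouis=AP_VENDOR_OUIS):
    """Return {port: [reasons]} for ports that trip either check."""
    findings = {}
    for port, macs in sorted(macs_by_port(text).items()):
        reasons = []
        if len(macs) > max_macs:
            reasons.append("mac-count")
        if any(mac[:6] in ap_ouis for mac in macs):
            reasons.append("ap-oui")
        if reasons:
            findings[port] = reasons
    return findings

if __name__ == "__main__":
    for port, reasons in audit(SAMPLE).items():
        print(port, ",".join(reasons))
```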