Do you mind sharing what system/method you use to record the mac-notify
messages and to parse them? We also have mac-notification setup but
Cisco doesn't send a user friendly notification but If-Indexes with
VLANs in hex instead. Its' very helpful to have put a pain in the ass to
parse.
On 10/16/2014 1:19 PM, James Elliott wrote:
We have a homegrown tool that uses some of the features of the Cisco Rogue
Locator Tool, without needing the infringing wireless network to be open.
We have cisco snmp mac -notification setup for all ports on campus, so we are
able to identify each where each device is plugged in on our network. We take
the mac address of the observed rogue AP and add 1 to the mac, and subtract 1
from the mac. This gives us 3 MAC addresses to compare to what is plugged into
the network. Once the port is identified, we get an email of the device
wireless mac, wired mac, switch and port it is connected to, and even the IP
address it pulled from DHCP.
At this point, we use our maps to identify the room number, turn off all the
ports in the room and notify Res Life of the infraction. We were able to get
most of the wireless routers on campus using this technique.
James Elliott
-----Original Message-----
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[email protected]] On Behalf Of Frank Sweetser
Sent: Thursday, October 16, 2014 1:16 PM
To: [email protected]
Subject: Re: [WIRELESS-LAN] Wireless in Dorms
+1 to USB free USB cables as one of the more effective tools for
+combating
wireless printers.
More and more, it's not a case of people deciding to use wireless over wired,
but instead it simply never occurs to them that they can get internet through
that funny rectangularish hole. There's not much you can do for that except
free cables and a constant, consistent education campaign.
Frank Sweetser fs at wpi.edu | For every problem, there is a solution that
Manager of Network Operations | is simple, elegant, and wrong.
Worcester Polytechnic Institute | - HL Mencken
On 10/16/2014 12:15 PM, Peter P Morrissey wrote:
That has been our approach. We have 100% coverage in residences and
there isn’t usually a good reason to have an offending device with the
exception of devices that just won’t work on our Enterprise network that Lee
had mentioned.
We have found that once we explain the situation to students, they are
fine with turning them off or allowing us to help them turn them turn
off the WiFi feature and find a better way to connect. Most devices
have wired connections that can be utilized, and from what I
understand, for a gamer this gives them a slight advantage due to
lower latency. (I could be wrong about that though as I am not a
gamer). We also attempt to do a lot of education before and during
opening, and have a large stash of extra long USB cables that we give
out freely. We have people helping students move in and nip a lot of this in
the bud from the beginning. You can get USB cables very cheap in bulk BTW.
I’m not saying it is perfect, but we don’t get any performance
complaints at all, although it is certainly possible that there are
complaints that don’t get to us.
Pete Morrissey
*From:*The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[email protected]] *On Behalf Of *Heath
Barnhart
*Sent:* Thursday, October 16, 2014 12:04 PM
*To:* [email protected]
*Subject:* Re: [WIRELESS-LAN] Wireless in Dorms
As I read the case, sending deauth's is exactly what the Marriot's
system was doing.
We used don't have that bad of a rogue issue since we upgraded our
WiFi in the dorms three years ago. I think I had 3 this year, and I
just track them down the best I can (by me I mean my student worker),
and have a polite conversation with the offender. I haven't had a
problem with this method, though I've never been faced with 700
rogues. What types of devices are being classified as rogues?
--
Heath Barnhart
ITS Network Administrator
Washburn University
785-670-2307
On Thu, 2014-10-16 at 11:39 -0400, Philippe Hanset wrote:
I think that the Marriott court case needs to be put into perspective.
Many of us have been quarantining rogue APs without any trouble.
The Marriott case is somewhat different. They were preventing all Wi-Fi
from being enabled
and they were selling theirs as the only Wi-Fi around.
BTW, rogue containment is usually not "jamming". Jamming requires to
interfere with the spectrum.
Some of those smart containment software don't actually jam the frequency
but send a disassociation frame to a specific client.
Also a lot of us are preventing rogue APs that are actually interfering
with the University Infrastructure on the same frequencies.
Those students are actually the jammers in this case and I don't see why
you couldn't protect yourself by preventing them from interfering with the
University
Wi-Fi on University grounds.
As I wrote above, the Marriott case is being taken way too literally and
being blown out of proportions.
I doubt that the FCC will come to you because you are actually trying to
provide a service to your community and for free.
Just make sure that you only block channels that you are using (and a few
around to guarantee non overlapping) and not ALL of them!
And don't use containment on the coffee shop next door ;-)
My 1.99 cents,
Philippe
Philippe Hanset
www.anyroam.net <http://www.anyroam.net>
On Oct 16, 2014, at 11:13 AM, Ian McDonald <[email protected]
<mailto:[email protected]>> wrote:
Breach of your written policy prohibiting such things isn’t a
disciplinary matter? And can’t be fixed with your disciplinary system?
*From:* The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[email protected]] *On Behalf Of *T. Shayne
Ghere
*Sent:* 16 October 2014 16:11
*To:* [email protected]
<mailto:[email protected]>
*Subject:* [WIRELESS-LAN] Wireless in Dorms
Good morning.
Let me say first off, we’re nearly a complete Cisco shop other than
our Firewalls right now. We are running 3 – Cisco 5508 Wireless Lan
Controllers and Cisco WCS.
The AP’s in the Dorm’s and Greek houses are all 1142N AP’s and have
been spaced accordingly by Cisco and by us during the introduction of
wireless in the Dorms, Greeks and Single housing.
We are having a heck of a time with all the interference that the
students bring with them making our wireless nearly unusable. I know
this topic has come up in the past, but this year is one of the worst
we’ve seen, and the students are getting restless.
We have the ability to quarantine rogue Wireless clients, however
according to a recent Court case against a large Hotel Chain, it was
decided that on an open free wireless spectrum, we would be breaking
the law in jamming it.
How have you addressed this issue? I’m about ready to ask upper
management to remove the AP’s in all the Dorm buildings and let the
students bring their own AP’s if they want wireless. Has anyone
resorted to this?
Thanks for your input
Shayne
********** Participation and subscription information for this
EDUCAUSE Constituent Group discussion list can be found
athttp://www.educause.edu/groups/.
********** Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
