![]() ![]() Using the “mac-address sticky” option you will reduce efforts for managing mac address table on each port, while “mac-address maximum 2” will grant that no more than 2 MAC addresses can be applied on that port. Once someone asks you to disable a device, you can match the IP address with its MAC address and disable the port you need.Īlso you can prevent users from “sniffing” the network by using the “protected port” feature given by Cisco Catalysts. I would suggest you to do a map of the layer 2 of your network using some simple tool (nmap with -sP option to do a ping sweep of the entire subnet) and gathering the whole information in an Excel file (or equivalent). Also, from a security point of view, a portscan action can be done using a spoofed IP address, so the information given is unreliable. ![]() Since the switch is working at Layer 2 of the OSI model, you cannot associate an IP address on a port, but only a MAC address and the port it is connected.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |