×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Contact US

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

rogue network

rogue network

rogue network

(OP)
Google (even using search tricks, like inurl, intitle, file.blablabla, etc) reveals nothing...

Has anyone ever had "crowe.local" show up on their ethernet interface as the local network? I'm guessing at some time someone may have plugged their little dsl router or maybe even a little personal print server on the network here, and it wrote tio the registry of something that remains on the LAN (like a local file server, DC (scary!), etc)...sounds like someone's last name to me, but for the life of me I can't find where it's cominng from...not too many tools here to work with (Lancope or Orion w/netflow in the edge routers would be nice...)---I'm stuck with show commands and debugs in Cisco switches (edge routers are controlled by the provider, we only control the layer 2 domain behind the routers)...

Thanks!

--Tim

ip access-list extended IP-Options-and-Powerball
deny ip any any winning-powerball-ticket
permit ip any any option any-options
!
class-map ACL-Options-and-Powerball
match access-group name IP-Options-and-Powerball
!
policy-map CoPP-POLICY
class ACL-Options-and-Powerball
drop
!
control-plane
service-policy input CoPP-POLICY

RE: rogue network

(OP)
Forgot to mention---I doubt it was ever any rogue WAP---I looked in Prime/ISE, and we have rogue detection APs hung off of the controllers.

--Tim

ip access-list extended IP-Options-and-Powerball
deny ip any any winning-powerball-ticket
permit ip any any option any-options
!
class-map ACL-Options-and-Powerball
match access-group name IP-Options-and-Powerball
!
policy-map CoPP-POLICY
class ACL-Options-and-Powerball
drop
!
control-plane
service-policy input CoPP-POLICY

RE: rogue network

Do any users 'dial in' or connect through a VPN or have laptops, tablets, phones etc that they also use "off site"?

Because if they have an "always add suffix" declared in their network setting ...

Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.
Webmaster Forum

RE: rogue network

Hey, here's a way to get some more information on it. Block it. Eventually something will break or someone will raise their hand for help, unless they didn't want it being found to begin with. Either way, I think that'll get you to your end solution than trying to figure it out otherwise.

"But thanks be to God, which giveth us the victory through our Lord Jesus Christ." 1 Corinthians 15:57

RE: rogue network

(OP)
Nope, someone's personal Netgear router like I kinda thought at first...just never saw someone have a .local nw profile. kjv1611, the first thing I did was kill the switchport to which it was connected. I separated shit and re-enabled the port so I could NMAP it.

ip access-list extended IP-Options-and-Powerball
deny ip any any winning-powerball-ticket
permit ip any any option any-options
!
class-map ACL-Options-and-Powerball
match access-group name IP-Options-and-Powerball
!
policy-map CoPP-POLICY
class ACL-Options-and-Powerball
drop
!
control-plane
service-policy input CoPP-POLICY

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login


Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close