<<< Date Index >>>     <<< Thread Index >>>

RE: Tool for Identifying Rogue Linksys Routers



Hi Martin,

>We are migrating from Lucent QIP to MetaIP for DHCP services and so
>far we have had two issues when MetaIP has been implemented for  VLAN
>that has an unauthorized Linksys router giving out IP addresses.

If you have an IDS such as Snort configured on your network, it would be
fairly straightforward to build a configuration watching for DHCP
traffic on specific VLANs not originating from legitimate servers (as
defined by you, The Administrator).

Find a helpful article here describing such a scenario:

http://security.itworld.com/4363/ITW3542/page_1.html

HTH,

Matt