Every Network Interface Card (NIC) on any platform has unique MAC address that used to access Ethernet networks. The MAC address is hard coded by the network card manufacturer and on many security systems used as a platform identity for network access permission. Using the MAC address of a platform with network permission rights by an intruder or malicious software instead of its original address called MAC spoofing.
MAC address network access control
MAC address spoofing is quite an easy task for a potential intruder especially when using MAC address of network nodes that are inactive most of the time like network printers and networking time and attendance systems. This is the main reason for not using MAC address protection as a single network access control (NAC) mechanism but combining multiple protection methods to create safe and reliable security protection like Lan-Secure Security Center and Lan-Secure Switch Center Protector network security scanners.
MAC address spoofing
There are some nice tools and drivers that can be found on the net that will change MAC address of specific platform to any other MAC address. But it can be done easily on any windows platform using the windows built in registry editor. Here are the steps needed to change windows platform MAC address and gain access to the network as another platform MAC address:
Changing MAC address
1. Open windows registry editor by clicking the Start button selecting Run command and typing “RegEdit”.
2. Open registry folder HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}.
3. Select the appropriate network card folder by viewing the data written on the folder DriverDesc value.
4. On the network card folder create new String Value named NetworkAddress and modify its data to the preferred MAC address using its 12 hexadecimal characters in a row.
5. Reset the network card adapter by disable and enable the card from windows Network Connections control panel.
6. Use IpConfig /all windows command to verify the new network card MAC address.
Clearing MAC address
1. Open windows registry editor by clicking the Start button selecting Run command and typing “RegEdit”.
2. Open registry folder HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}.
3. Select the appropriate network card folder by viewing the data written on the folder DriverDesc value.
4. Delete the String Value named NetworkAddress.
5. Reset the network card adapter by disable and enable the card from windows Network Connections control panel.
Lan-Secure Network Security and Management Blog for real-time windows based monitoring and discovery software scanning tools.
SNMP management of Ten Giga ports
Using SNMP is the ideal way for managing network performance and traffic. There are also some great tools on the net that will help to do it easily like Lan-Secure Switch Center multi vendor switch port scanner network monitoring software. Either doing it manually or using any preferred tool the exact port speed will be required for having accurate performance and traffic results.
SNMP standard port or interface speed
The standard SNMP port or interface speed can be resolved by using the MIB-II interface speed query (1.3.6.1.2.1.2.2.1.5). Using this query with SNMP Get command and the interface index will return the speed of the specific interface. Using this query with SNMP Get Next command will return the speed of all the interfaces that exist on the device that was queried. The value that will be returned from the query will be the interface bandwidth in bits per second units.
SNMP speed of Ten Giga port or interface
Trying to use the standard SNMP interface speed query on Ten Giga port will return a value of 4294967295 bits per second. This value is the maximum speed that the standard SNMP query will hold for any device interface and it is about 4.3G bits per second. Using this speed to manage the performance and traffic of a Ten Giga ports will return false and inaccurate results.
SNMP high speed port or interface
A solution for the Ten Giga ports speed problem that was described above will require using the MIB-II interface high speed query (1.3.6.1.2.1.31.1.1.1.15). Using this query will return the interface bandwidth in 1,000,000 bits per second units. Replacing the standard speed query with the high speed interface query will work for almost all SNMP devices that support Ten Giga ports and provide an accurate performance and traffic results.
SNMP standard port or interface speed
The standard SNMP port or interface speed can be resolved by using the MIB-II interface speed query (1.3.6.1.2.1.2.2.1.5). Using this query with SNMP Get command and the interface index will return the speed of the specific interface. Using this query with SNMP Get Next command will return the speed of all the interfaces that exist on the device that was queried. The value that will be returned from the query will be the interface bandwidth in bits per second units.
SNMP speed of Ten Giga port or interface
Trying to use the standard SNMP interface speed query on Ten Giga port will return a value of 4294967295 bits per second. This value is the maximum speed that the standard SNMP query will hold for any device interface and it is about 4.3G bits per second. Using this speed to manage the performance and traffic of a Ten Giga ports will return false and inaccurate results.
SNMP high speed port or interface
A solution for the Ten Giga ports speed problem that was described above will require using the MIB-II interface high speed query (1.3.6.1.2.1.31.1.1.1.15). Using this query will return the interface bandwidth in 1,000,000 bits per second units. Replacing the standard speed query with the high speed interface query will work for almost all SNMP devices that support Ten Giga ports and provide an accurate performance and traffic results.
Subscribe to:
Posts
(
Atom
)