What do you want to happen when they try to plug into that port? No network access at all? Access to some of your VLANs but not others? Full access to your network? Internet-only? Obviously you have given them a live network port.

The MAC you are seeing in the switch is the MAC of the network adapter they are using, unless they are spoofing it, which is unlikely. The USB device isn't even seen by the networking equipment, only the workstation itself? Your equipment can't possibly tell if the MAC address it's seeing is spoofed or not; port security will always be vulnerable to this by design. If they were using a laptop that had an Ethernet port built in, you would have the same problem.

Also, if they actually are just spoofing the MAC address of whatever client is supposed to be hooked up to whatever port they are hijacking, you can't fix this without moving to 802.1X. Fix port security and that will fix your issue, because the USB adapter doesn't have anything to do with it. If that's the case, you just don't have port security set up properly.

Also, if I'm understanding this correctly, they are in a room with their own laptops and they are supposed to connect to some BYOD Wi-Fi network, but instead they are connecting to Ethernet through a USB NIC? Unless they are deliberately spoofing another NIC's MAC to get around port security, that's not what's happening. It's using the network address on the device and doesn't report the MAC address on the USB-to-Ethernet device.