Duplicate printer IP address

Collapse
X
Collapse
 
  • Page of 3
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 template Next
  • BillyCarpenter
    replied
    Re: Duplicate printer IP address

    Originally posted by slimslob
    And if the main company network also includes WiFi, you can also block devices by their mac, or to be more precise, you can only allow specific devices, even on home WiFi networks. Of course there are a lot of so called IT people out there who do not know or do not care. We have all encountered them. Think they are better than a lowly copier man until one of us determines the cause of a network problem in less than 5 minutes that they have been working on for hours.

    True. You probably remember me talking about this on the board. I set up several lightweight access points and a WLAN (Wireless LAN Controller) on a Radius Server. It's basically Active Directory for Wireless. You sign in to the wireless network with the same credentials and only have access to the information that was granted to you. The Lightweight Access Points don't do any of the heavy lifting. It's all done on the WLAN controller and you can control everything from there.

      Leave a comment:

    • slimslob
      replied
      Re: Duplicate printer IP address

      Originally posted by BillyCarpenter
      There's another way to do this and it's probably the best method, IMHO. You can bind a mac address, or two, to a specific port on the switch. If someone comes along and plugs in a laptop or other device, the port immediately shuts down and the IT dept is notified via email.

      You can also do some other cool stuff but we'll save that for another day.
      And if the main company network also includes WiFi, you can also block devices by their mac, or to be more precise, you can only allow specific devices, even on home WiFi networks. Of course there are a lot of so called IT people out there who do not know or do not care. We have all encountered them. Think they are better than a lowly copier man until one of us determines the cause of a network problem in less than 5 minutes that they have been working on for hours.

        Leave a comment:

      • BillyCarpenter
        replied
        Re: Duplicate printer IP address

        One last thing. We can tell a switch to only learn 1 mac address for a port or several macs. If an unauthorized device is plugged in, we can use 3 different violation modes:


        1. Shut down - the port is shutdown and an admin must turn back on.

        2. Protect - This simply mean that the switch will not put anymore mac addresses in its CAM table and no packets will be forwarded except on authorized devices. Protect mode doesn't generate an alert message or email.

        3. Restrict - Lets only authorized mac addresses communicate on the network and generates alert messages and logs. (it keeps a daily log of port activity. )

          Leave a comment:

        • BillyCarpenter
          replied
          Re: Duplicate printer IP address

          techxsge asked a good question: Why would you want to shut down a port...isn't that overkill? Good question.

          I remember when I was going thru CCNA course on Port Security, they brought up an interesting scenario. Some may find this interesting. Forget about an employee bringing in a laptop. Let's focus on a hacker trying to steal sensitive information. What if the hacker is using an Attack Tool that is flooding the switch with Mac Addresses? Remember that a switch has a Mac Address Table that is stored in memory. The attack tool can flood the switch with 1000's of mac addresses in a short amount of time. This will cause flood the memory and the switch will forget all of the good mac addresses and bring down the entire system. Moreover, the hacker can now intercept all known good mac addresses and use a mac spoofing tool. It's bad news.

          From my understanding, Port Security is used in all major organizations.
          Last edited by BillyCarpenter; 11-30-2022, 02:57 PM.

            Leave a comment:

          • BillyCarpenter
            replied
            Re: Duplicate printer IP address

            Originally posted by techsxge
            Isnt an IT Email and shutting off the port kinda an overkill? Just denying any traffic would be more than enough

            Well, lets think about it. If a company has highly classified information stored on their server, wouldn't you want to be notified the second an unauthorized device was plugged in and that port be shut down immediately? That's why switches have this feature.
            Last edited by BillyCarpenter; 11-30-2022, 02:59 PM.

              Leave a comment:

            • BillyCarpenter
              replied
              Re: Duplicate printer IP address

              Originally posted by techsxge
              For personal Devices, there will always be a guest network for as long as i am around. There, they can fight over any ip address they want with themselves but i dont care if they say "ip x is blocked". No personal device has anything to do in a companies network. NEVER. Had seen way too many companies been hacked because a Employees private Notebook got hacked and they shared files from that notebook with colleagues. That is kind of like putting the banks safe key next to the door.
              If they need a static IP in that Guest Network for their device for whatever reason no problem, i'll add that.

              What are you talking about? A wireless guest network?

              I thought we were talking about plugging a device (laptop or otherwise) into an ethernet port?

                Leave a comment:

              • techsxge
                replied
                Re: Duplicate printer IP address

                Originally posted by BillyCarpenter
                There's another way to do this and it's probably the best method, IMHO. You can bind a mac address, or two, to a specific port on the switch. If someone comes along and plugs in a laptop or other device, the port immediately shuts down and the IT dept is notified via email.

                You can also do some other cool stuff but we'll save that for another day.
                Isnt an IT Email and shutting off the port kinda an overkill? Just denying any traffic would be more than enough

                  Leave a comment:

                • BillyCarpenter
                  replied
                  Re: Duplicate printer IP address

                  There's another way to do this and it's probably the best method, IMHO. You can bind a mac address, or two, to a specific port on the switch. If someone comes along and plugs in a laptop or other device, the port immediately shuts down and the IT dept is notified via email.

                  You can also do some other cool stuff but we'll save that for another day.

                    Leave a comment:

                  • techsxge
                    replied
                    Re: Duplicate printer IP address

                    Originally posted by slimslob
                    Many times an employee connecting their personal laptop don't have permission to do so and as such do not want to get an address automatically as it would then show up in the DHCP log.
                    For personal Devices, there will always be a guest network for as long as i am around. There, they can fight over any ip address they want with themselves but i dont care if they say "ip x is blocked". No personal device has anything to do in a companies network. NEVER. Had seen way too many companies been hacked because a Employees private Notebook got hacked and they shared files from that notebook with colleagues. That is kind of like putting the banks safe key next to the door.
                    If they need a static IP in that Guest Network for their device for whatever reason no problem, i'll add that.

                      Leave a comment:

                    • slimslob
                      replied
                      Re: Duplicate printer IP address

                      Originally posted by techsxge
                      Nope. Well, if you're doing very basic static IP via the said Machines / Computers then yes. I am talking about proper Static IP via Firewall/DHCP Server or Router. These things will bind a IP Address to an MAC Address which cannot be doubled.
                      Many times an employee connecting their personal laptop don't have permission to do so and as such do not want to get an address automatically as it would then show up in the DHCP log.

                        Leave a comment:

                      • techsxge
                        replied
                        Re: Duplicate printer IP address

                        Originally posted by slimslob
                        And you still have the problem of someone connecting their personal laptop using a manually address that is the same as the MFP.
                        Nope. Well, if you're doing very basic static IP via the said Machines / Computers then yes. I am talking about proper Static IP via Firewall/DHCP Server or Router. These things will bind a IP Address to an MAC Address which cannot be doubled.

                          Leave a comment:

                        • larweedad
                          replied
                          Re: Duplicate printer IP address

                          I had one where copier said ip in use. Turned out that the person in charge took a 2 week vacation. when they were in the office no printing. They leave it prints. They standing next to me. Their phone picked up the copiers IP when the came back from vacation.

                            Leave a comment:

                          • tsbservice
                            replied
                            Re: Duplicate printer IP address

                            Originally posted by slimslob
                            And you still have the problem of someone connecting their personal laptop using a manually address that is the same as the MFP.
                            They should have reserved in DHCP IP addresses of MFPs by their MAC address which they didn't... till now.
                            I think this is among simple best practices of IT staff but who em I

                              Leave a comment:

                            • slimslob
                              replied
                              Re: Duplicate printer IP address

                              Originally posted by techsxge
                              Thats why you configure DHCP Ranges and put the machine outside of that range + have a documenation on hand for the non-dhcp ranges
                              And you still have the problem of someone connecting their personal laptop using a manually address that is the same as the MFP.

                                Leave a comment:

                              • techsxge
                                replied
                                Re: Duplicate printer IP address

                                Originally posted by tsbservice
                                Just yesterday had a call from IT guy that machine (KM in this case if that matters) stopped to print.
                                They checked driver, port, cable, etc. There was ping reply but no printer web page interface. I told them try to scan to email which he thinks was failing either but upon last attempt he saw message on machine that job failed due to duplicate IP I was on the phone and we run advanced IP scanner (after turning Off the machine) which found some PC taking over machine IP. Lesson again and again learned... never trust customers
                                Thats why you configure DHCP Ranges and put the machine outside of that range + have a documenation on hand for the non-dhcp ranges

                                  Leave a comment:

                                Previous 1 2 3 template Next
                                Working...