Duplicate printer IP address

Collapse
X
 
  • Time
  • Show
Clear All
new posts

  • BillyCarpenter
    replied
    Re: Duplicate printer IP address

    Originally posted by slimslob
    And if the main company network also includes WiFi, you can also block devices by their mac, or to be more precise, you can only allow specific devices, even on home WiFi networks. Of course there are a lot of so called IT people out there who do not know or do not care. We have all encountered them. Think they are better than a lowly copier man until one of us determines the cause of a network problem in less than 5 minutes that they have been working on for hours.

    True. You probably remember me talking about this on the board. I set up several lightweight access points and a WLAN (Wireless LAN Controller) on a Radius Server. It's basically Active Directory for Wireless. You sign in to the wireless network with the same credentials and only have access to the information that was granted to you. The Lightweight Access Points don't do any of the heavy lifting. It's all done on the WLAN controller and you can control everything from there.

    Leave a comment:


  • slimslob
    replied
    Re: Duplicate printer IP address

    Originally posted by BillyCarpenter
    There's another way to do this and it's probably the best method, IMHO. You can bind a mac address, or two, to a specific port on the switch. If someone comes along and plugs in a laptop or other device, the port immediately shuts down and the IT dept is notified via email.

    You can also do some other cool stuff but we'll save that for another day.
    And if the main company network also includes WiFi, you can also block devices by their mac, or to be more precise, you can only allow specific devices, even on home WiFi networks. Of course there are a lot of so called IT people out there who do not know or do not care. We have all encountered them. Think they are better than a lowly copier man until one of us determines the cause of a network problem in less than 5 minutes that they have been working on for hours.

    Leave a comment:


  • BillyCarpenter
    replied
    Re: Duplicate printer IP address

    One last thing. We can tell a switch to only learn 1 mac address for a port or several macs. If an unauthorized device is plugged in, we can use 3 different violation modes:


    1. Shut down - the port is shutdown and an admin must turn back on.

    2. Protect - This simply mean that the switch will not put anymore mac addresses in its CAM table and no packets will be forwarded except on authorized devices. Protect mode doesn't generate an alert message or email.

    3. Restrict - Lets only authorized mac addresses communicate on the network and generates alert messages and logs. (it keeps a daily log of port activity. )

    Leave a comment:


  • BillyCarpenter
    replied
    Re: Duplicate printer IP address

    techxsge asked a good question: Why would you want to shut down a port...isn't that overkill? Good question.

    I remember when I was going thru CCNA course on Port Security, they brought up an interesting scenario. Some may find this interesting. Forget about an employee bringing in a laptop. Let's focus on a hacker trying to steal sensitive information. What if the hacker is using an Attack Tool that is flooding the switch with Mac Addresses? Remember that a switch has a Mac Address Table that is stored in memory. The attack tool can flood the switch with 1000's of mac addresses in a short amount of time. This will cause flood the memory and the switch will forget all of the good mac addresses and bring down the entire system. Moreover, the hacker can now intercept all known good mac addresses and use a mac spoofing tool. It's bad news.

    From my understanding, Port Security is used in all major organizations.
    Last edited by BillyCarpenter; 11-30-2022, 02:57 PM.

    Leave a comment:


  • BillyCarpenter
    replied
    Re: Duplicate printer IP address

    Originally posted by techsxge
    Isnt an IT Email and shutting off the port kinda an overkill? Just denying any traffic would be more than enough

    Well, lets think about it. If a company has highly classified information stored on their server, wouldn't you want to be notified the second an unauthorized device was plugged in and that port be shut down immediately? That's why switches have this feature.
    Last edited by BillyCarpenter; 11-30-2022, 02:59 PM.

    Leave a comment:


  • BillyCarpenter
    replied
    Re: Duplicate printer IP address

    Originally posted by techsxge
    For personal Devices, there will always be a guest network for as long as i am around. There, they can fight over any ip address they want with themselves but i dont care if they say "ip x is blocked". No personal device has anything to do in a companies network. NEVER. Had seen way too many companies been hacked because a Employees private Notebook got hacked and they shared files from that notebook with colleagues. That is kind of like putting the banks safe key next to the door.
    If they need a static IP in that Guest Network for their device for whatever reason no problem, i'll add that.

    What are you talking about? A wireless guest network?

    I thought we were talking about plugging a device (laptop or otherwise) into an ethernet port?

    Leave a comment:


  • techsxge
    replied
    Re: Duplicate printer IP address

    Originally posted by BillyCarpenter
    There's another way to do this and it's probably the best method, IMHO. You can bind a mac address, or two, to a specific port on the switch. If someone comes along and plugs in a laptop or other device, the port immediately shuts down and the IT dept is notified via email.

    You can also do some other cool stuff but we'll save that for another day.
    Isnt an IT Email and shutting off the port kinda an overkill? Just denying any traffic would be more than enough

    Leave a comment:


  • BillyCarpenter
    replied
    Re: Duplicate printer IP address

    There's another way to do this and it's probably the best method, IMHO. You can bind a mac address, or two, to a specific port on the switch. If someone comes along and plugs in a laptop or other device, the port immediately shuts down and the IT dept is notified via email.

    You can also do some other cool stuff but we'll save that for another day.

    Leave a comment:


  • techsxge
    replied
    Re: Duplicate printer IP address

    Originally posted by slimslob
    Many times an employee connecting their personal laptop don't have permission to do so and as such do not want to get an address automatically as it would then show up in the DHCP log.
    For personal Devices, there will always be a guest network for as long as i am around. There, they can fight over any ip address they want with themselves but i dont care if they say "ip x is blocked". No personal device has anything to do in a companies network. NEVER. Had seen way too many companies been hacked because a Employees private Notebook got hacked and they shared files from that notebook with colleagues. That is kind of like putting the banks safe key next to the door.
    If they need a static IP in that Guest Network for their device for whatever reason no problem, i'll add that.

    Leave a comment:


  • slimslob
    replied
    Re: Duplicate printer IP address

    Originally posted by techsxge
    Nope. Well, if you're doing very basic static IP via the said Machines / Computers then yes. I am talking about proper Static IP via Firewall/DHCP Server or Router. These things will bind a IP Address to an MAC Address which cannot be doubled.
    Many times an employee connecting their personal laptop don't have permission to do so and as such do not want to get an address automatically as it would then show up in the DHCP log.

    Leave a comment:


  • techsxge
    replied
    Re: Duplicate printer IP address

    Originally posted by slimslob
    And you still have the problem of someone connecting their personal laptop using a manually address that is the same as the MFP.
    Nope. Well, if you're doing very basic static IP via the said Machines / Computers then yes. I am talking about proper Static IP via Firewall/DHCP Server or Router. These things will bind a IP Address to an MAC Address which cannot be doubled.

    Leave a comment:


  • larweedad
    replied
    Re: Duplicate printer IP address

    I had one where copier said ip in use. Turned out that the person in charge took a 2 week vacation. when they were in the office no printing. They leave it prints. They standing next to me. Their phone picked up the copiers IP when the came back from vacation.

    Leave a comment:


  • tsbservice
    replied
    Re: Duplicate printer IP address

    Originally posted by slimslob
    And you still have the problem of someone connecting their personal laptop using a manually address that is the same as the MFP.
    They should have reserved in DHCP IP addresses of MFPs by their MAC address which they didn't... till now.
    I think this is among simple best practices of IT staff but who em I

    Leave a comment:


  • slimslob
    replied
    Re: Duplicate printer IP address

    Originally posted by techsxge
    Thats why you configure DHCP Ranges and put the machine outside of that range + have a documenation on hand for the non-dhcp ranges
    And you still have the problem of someone connecting their personal laptop using a manually address that is the same as the MFP.

    Leave a comment:


  • techsxge
    replied
    Re: Duplicate printer IP address

    Originally posted by tsbservice
    Just yesterday had a call from IT guy that machine (KM in this case if that matters) stopped to print.
    They checked driver, port, cable, etc. There was ping reply but no printer web page interface. I told them try to scan to email which he thinks was failing either but upon last attempt he saw message on machine that job failed due to duplicate IP I was on the phone and we run advanced IP scanner (after turning Off the machine) which found some PC taking over machine IP. Lesson again and again learned... never trust customers
    Thats why you configure DHCP Ranges and put the machine outside of that range + have a documenation on hand for the non-dhcp ranges

    Leave a comment:

Working...