From: Peter Valian (valianp@southwestern.edu)
Date: Tue Dec 16 2003 - 15:17:50 CST
you would need to add it. you can get the OUI database here:
http://standards.ieee.org/regauth/oui/index.shtml
On Tue, 2003-12-16 at 14:00, Jefferson Cowart wrote:
> Is any of this functionality currently built into the system, or would I
> need to add it?
>
>
> ----------------
> Thanks
> Jefferson Cowart
> Jeff@cowart.net
>
> > -----Original Message-----
> > From: owner-netreg@southwestern.edu
> > [mailto:owner-netreg@southwestern.edu] On Behalf Of Peter Valian
> > Sent: Tuesday, December 16, 2003 12:30
> > To: netreg@southwestern.edu
> > Subject: RE: NetReg: Windows XP Network Bridging
> >
> >
> > It may not be a bad idea in general to have a script check a OUI
> > database to make sure the MAC is from a known vendor and maybe alert
> > someone to it...it could also take the user to a different
> > page and say
> > stuff like "Network bridge detected...please make sure you
> > don't have a
> > bridge running....blah...if you think you have reached this page in
> > error, please contact the helpdesk".
> >
> > might be a good overall sanity check against tricky apps (i.e. AOL
> > dialer)
> >
> > -p
> >
> > On Tue, 2003-12-16 at 12:25, Jefferson Cowart wrote:
> > > When one chooses certain settings in the network setup
> > wizard Windows XP
> > > will bridge the connections. It appears to be a pretty
> > common occurrence as
> > > we have seen at least 10-15 bridges on our network with
> > many more likely
> > > ones identified. I have read that the 802.1d spec
> > (bridging) says that the
> > > numerically lower mac address is supposed to be used for
> > the Bridge MAC,
> > > however my tests of this have shown it to not be what MS
> > choose to do
> > > (surprise, surprise). In every case that I have looked at
> > so far MS takes
> > > one of the MAC addresses (I haven't checked if it is the
> > numerically lower
> > > MAC) and replaces the first pair of characters with 02.
> > Additionally every
> > > machine that I have investigated that starts with 02 has
> > ended up being a
> > > windows XP machine with a bridge. Additionally these MACs
> > have shown up in a
> > > range that the IEEE reports as not matching any
> > manufacturer. I'm thinking
> > > possibly a lookup test on the MAC addresses to make sure there is a
> > > corresponding manufacturer might be able to reveal
> > something, however that
> > > would be a pain to code probably.
> > >
> > >
> > > ----------------
> > > Thanks
> > > Jefferson Cowart
> > > Jeff@cowart.net
> > >
> > > > -----Original Message-----
> > > > From: owner-netreg@southwestern.edu
> > > > [mailto:owner-netreg@southwestern.edu] On Behalf Of Peter Valian
> > > > Sent: Tuesday, December 16, 2003 10:54
> > > > To: netreg@southwestern.edu
> > > > Subject: Re: NetReg: Windows XP Network Bridging
> > > >
> > > >
> > > > greping for ^02: would be bad because legitimate 3com
> > cards along with
> > > > other lesser known manufacturers start with "02:".
> > > >
> > > > XP is bridging the wireless network to the wired network? is this
> > > > something it does by default?
> > > >
> > > > Does XP forge a MAC address for this bridged connection? can
> > > > someone do
> > > > a quick test for this?
> > > >
> > > > On Mon, 2003-12-15 at 18:38, Jefferson Cowart wrote:
> > > > > We are having a problem dealing with machines that are
> > > > using Windows XP,
> > > > > have multiple network cards, and have enabled network
> > > > bridging. The problem
> > > > > stems from the problem that we also have a wireless network
> > > > and when clients
> > > > > are connected to both networks we end up with a loop due to
> > > > the connections
> > > > > being bridged. What we are trying to do is find a way to
> > > > identify the
> > > > > machines that have network bridging enabled and present
> > them with a
> > > > > different page that tells them how to disable bridging. If
> > > > I can figure out
> > > > > how to identify them I know how to do the rest. Does anyone
> > > > know of anyway
> > > > > to identify a machine that has bridging enabled. In my
> > > > examination so far
> > > > > every machine that has had bridging enabled has had a MAC
> > > > address starting
> > > > > with "02:". Looking through the registered systems every
> > > > machine that has a
> > > > > MAC starting with "02" is running Windows XP so it looks
> > > > like we might be
> > > > > able to find them this way, but that doesn't strike me as
> > > > the best test in
> > > > > the off chance that someone has a NIC that has a legitimate
> > > > MAC starting
> > > > > with 02. Has anyone else run into this problem and found a
> > > > solution to it.
> > > > > Thanks for the help.
> > > > >
> > > > >
> > > > > ----------------
> > > > > Thanks
> > > > > Jefferson Cowart
> > > > > Jeff@cowart.net
> > > > >
> > > > >
> > > >
> > **********************************************************************
> > > > > To unsubscribe from this list, send an e-mail message to
> > > > > majordomo@southwestern.edu containing a single line
> > with the words:
> > > > > unsubscribe netreg
> > > > > Send requests for assistance to: owner-netreg@southwestern.edu
> > > > >
> > > >
> > **********************************************************************
> > > >
> > > >
> > **********************************************************************
> > > > To unsubscribe from this list, send an e-mail message to
> > > > majordomo@southwestern.edu containing a single line with
> > the words:
> > > > unsubscribe netreg
> > > > Send requests for assistance to: owner-netreg@southwestern.edu
> > > >
> > **********************************************************************
> > > >
> > >
> > >
> > **********************************************************************
> > > To unsubscribe from this list, send an e-mail message to
> > > majordomo@southwestern.edu containing a single line with the words:
> > > unsubscribe netreg
> > > Send requests for assistance to: owner-netreg@southwestern.edu
> > >
> > **********************************************************************
> >
> > **********************************************************************
> > To unsubscribe from this list, send an e-mail message to
> > majordomo@southwestern.edu containing a single line with the words:
> > unsubscribe netreg
> > Send requests for assistance to: owner-netreg@southwestern.edu
> > **********************************************************************
> >
>
> **********************************************************************
> To unsubscribe from this list, send an e-mail message to
> majordomo@southwestern.edu containing a single line with the words:
> unsubscribe netreg
> Send requests for assistance to: owner-netreg@southwestern.edu
> **********************************************************************
**********************************************************************
To unsubscribe from this list, send an e-mail message to
majordomo@southwestern.edu containing a single line with the words:
unsubscribe netreg
Send requests for assistance to: owner-netreg@southwestern.edu
**********************************************************************
This archive was generated by hypermail 2.1.4 : Thu Aug 12 2004 - 12:01:42 CDT