Techniques for finding rogue switches without cool hardware/software?
So... sometimes I have to check out our switch topology. We have many sites and sometimes our docs aren't up to date or someone overwrote my updates and 8 months later I'm looking at them and I know there are other switches. What I need to know is what ports they are on. We don't always have the luxury of stacked switches and we don't configure a LACP group for everything. Sometimes we just run one cable to a new switch. Plus, there may be rogue switches out there.
We have an Avaya network and all I can figure to do is run show mac-address-table and look for ports that have a ton of addresses on them. There has to be a better way. Show lldp neighbors doesn't work b/c we have Nortel phones that all are little 2 port switches (one port for the PC, the other connects up to the other switches and tags phone traffic). Is there a better way to do this? It's easy, for instance, to miss a rogue switch that has a PC and a printer on it.
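The per-port address count described in the question, as an added example that is not part of the original thread: it subtracts phone MACs (any address also learned in the voice VLAN) before counting, so a phone plus PC passes while a PC plus printer behind one port is flagged. The three-column input format, VLAN 20 as the voice VLAN, the port names and the function names are assumptions; real `show mac-address-table` output needs its own row pattern.

```python
import re
from collections import defaultdict

# Constructed sample, not real switch output. Assumed columns: VLAN, MAC, port.
# MACs are taken from the IANA documentation range 00-00-5E-00-53-xx.
SAMPLE_TABLE = """\
10  00-00-5e-00-53-01  1/1
20  00-00-5e-00-53-a1  1/1
10  00-00-5e-00-53-a1  1/1
10  00-00-5e-00-53-02  1/2
10  00-00-5e-00-53-03  1/3
10  00-00-5e-00-53-04  1/3
10  00-00-5e-00-53-05  1/24
10  00-00-5e-00-53-06  1/24
10  00-00-5e-00-53-07  1/24
"""

ROW = re.compile(
    r"^\s*(\d+)\s+([0-9A-Fa-f]{2}(?:[-:][0-9A-Fa-f]{2}){5})\s+(\S+)\s*$")

def parse_table(text):
    """Yield (vlan, mac, port) per row; headers and blank lines are skipped."""
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            mac = m.group(2).lower().replace(":", "-")
            yield int(m.group(1)), mac, m.group(3)

def suspect_ports(text, voice_vlan, known_uplinks=(), max_hosts=1):
    """Return {port: [macs]} for ports with more non-phone MACs than allowed."""
    rows = list(parse_table(text))
    # A MAC learned in the voice VLAN is treated as a phone, even when the
    # same MAC also shows up untagged in the data VLAN.
    phones = {mac for vlan, mac, _ in rows if vlan == voice_vlan}
    hosts = defaultdict(set)
    for _, mac, port in rows:
        if port not in known_uplinks and mac not in phones:
            hosts[port].add(mac)
    return {p: sorted(m) for p, m in hosts.items() if len(m) > max_hosts}

if __name__ == "__main__":
    for port, macs in suspect_ports(SAMPLE_TABLE, 20, {"1/24"}).items():
        print(port, len(macs), "non-phone MACs:", ", ".join(macs))
```

Ports flagged this way still need a physical check: a host running virtual machines also presents several MACs on one port.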
There may be other methods, but the first one that springs to mind is masscan
So fast! "Scan the whole internet in 3 minutes"
Here's a working config
Code:
### 2017-06-21
Code:
touch /path/to/excludes.txt
and the c-line I use to run it.
Code:
sudo masscan -c /path/to/config
Code:
Starting masscan 1.0.4 (http://bit.ly/14GZzcT) at 2017-08-10 20:22:58 GMT
Code:
#masscan
Only "range" needs to be edited.