Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
453
Views
0
Helpful
2
Replies

Using CSA to prevent NIC in Promiscious Mode(Windows)

mnlatif
Level 3
Level 3

‎11-28-2006 12:50 PM - edited ‎03-10-2019 03:20 AM

Hi,

There seems to be no functionality in CSA-Windows Rule to prevent going a NIC into promiscious mode (Though there is a UNIX rule for that).

How I can I prevent sniffer applications from being launched on Windows using CSA ?

I don't want to create a List of sniffer application and then use Application Control rule, since that means I will have to keep updating that list.

Is there a more dynamic way ?

Thanks,

Naman

Labels:
0 Helpful
2 Replies 2

tsteger1
Level 8
Level 8

‎12-01-2006 09:34 AM

You might try a 'connection rate limit' rule to keep hosts from making over a certain amount of connections in a specified period of time.

There might also be a way to classify 'chatty' applications dynamically and then deny them the ability to make over a certain number of connections.

Why are you trying to accomplish this, if you don't mind my asking?

Tom S

0 Helpful

tsteger1
Level 8
Level 8
In response to tsteger1

‎12-01-2006 04:03 PM

You also might try blocking the packet drivers (like WinPcap) that these apps rely on. It might be an easier list to manage.

Tom S

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card