I am trying to locate illegal network devices, hubs, on my network. I know I can use the "show cam dynamic" and sift through all the MAC addresses associated with the ports, but are there any other ways to make this easier?
do the same thing, sho cam dynamic, paste into notepad, get rid of the "mores", empty lines, etc. then import into excel and sort by ports. should save some time.
Look for ports or interfaces that have multiple MAC addresses, indicating that there is either a hub or switch downstream. (Be careful not to confuse multicast MAC addresses with workstation network adapter MAC addresses.)
Here's an interesting tool that might come in handy, and make this task a little easier. The Switch Port Mapper, included in SolarWinds's Engineer's Edition toolset, makes the following claim:
"The Switch Port Mapper is unique in the industry in that it is even capable of discovering downstream unmanageable (dumb) hubs and discover the devices connected to them. With the Switch Port Mapper by SolarWinds you may never need to trace a cable again."
Follow the link, and run the on-line demo, very informative.
Hope this helps.
We have SolarWinds Engineer Edition, and the Switch Port Mapper doesn't work on some of our 5000 Series Switches because they don't support the Bridge-MIB...
Ciscoworks2000 provide similar function:
Campus Manager -> User Tracking -> Reports -> Ports with Multiple MAC
But I'm afraid it's a little expensive if you are not using it already.