From: Rob Hopkins (rshopkins@xxxxxxxxxxxxx)
Date: Sun Jun 09 2002 - 13:24:41 GMT-3
I've had to do many of these audits, a couple of obvious methods:
do port scans, record all ip's that have telnet open,
you can then write scripts to push out snmp config, and or explore
their CDP neighbors if its supported.
Do a ping scan, record all the ARP entries, you can then cross reference the
mac
addresses to vendor equipment, and boil it down from there...
----- Original Message -----
From: "Denton Bobeldyk" <denny@bobeldyk.org>
To: <ccielab@groupstudy.com>
Sent: Thursday, June 06, 2002 12:31 PM
Subject: OT: Out of Control Asset Mgmt
> I'm looking at a few Enterprise level customers that don't have an idea
> of what sort of Cisco equipment they have.
>
> They're looking for a good inventory of all of their equipment.
> Physically walking around to all of their remote sites is out of the
> question simply for cost/time.
>
> SNMP would be great but not all of their switches/ routers are
> guaranteed to support SNMP or have it turned on.
> NMap OS Detecter might not be a bad idea, if it could detect the type of
> device and IP address. I could then telnet into the device and gather
> the serial number, etc. This of course wouldn't work for any device
> that doesn't have an IP address.
>
> Anybody else have any ideas, or better yet, actually do this
> successfully for a very large enterprise organization?
>
> -Denny
>
> P.S. Building a Time Machine and going back in time to actually track
> the devices before they were rolled out is not an option ;-)
This archive was generated by hypermail 2.1.4 : Tue Jul 02 2002 - 08:12:29 GMT-3