Thanks Joseph, i will give the extended access-list a shot and try it
out with some IP Scanners i downloaded.
On 2/28/13, Joseph L. Brunner <joe_at_affirmedsystems.com> wrote:
> Icmp echo and echo reply - but there are other scanners that will go by
> ports found open and not use icmp...
>
> I'm sure you can figure out how to use vacl's on your switches to block
> users from using these utilities...
>
> Another option is using private vlans for sensitive areas like servers...
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> rufai michael
> Sent: Thursday, February 28, 2013 7:49 AM
> To: Cisco certification
> Subject: OT:LAN IP Scanning
>
> Hello, sorry for the OT, i have a challenge, i don't want users to be able
> to scan IP address on my LAN for instance when they use a software like
> Advanced IP Scanner, only want to restrict this kind of utility to the IT
> Staff. Is there a default port that this utility works on so that i can
> block it or how do i go about this?
>
> BR.
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Thu Feb 28 2013 - 17:02:25 ART
This archive was generated by hypermail 2.2.0 : Fri Mar 01 2013 - 07:57:59 ART