Author Topic: Track MAC Addresses (Read 606 times)

giffordj · « **on:** June 26, 2024, 08:01:46 am »

I have a few office's that need the ability to track the mac-addresses attached to their network for audit purposes. The way the some of offices do that today is by a program on the server using LAN sweeper. Is there a plugin for OPNsense to offer similar functionaility?

Monviech (Cedrik) · « **Reply #1 on:** June 26, 2024, 08:21:48 am »

That's just ARP.

https://en.wikipedia.org/wiki/Address_Resolution_Protocol

You can check the ARP Table:

Interfaces - Diagnostics - Arp Table
/ui/diagnostics/interface/arp

Seimus · « **Reply #2 on:** June 26, 2024, 10:16:36 am »

If you have there as well a switch that connects the Hosts to the network, and if that switch is a managed one you can check the mac-address table to see to which port which MAC address is connected.

Regards,
S.

giffordj · « **Reply #3 on:** June 27, 2024, 04:36:38 am »

This is a HIPAA compliance thing, they want to see a report that shows a new address within 15 minutes of it being added. I was thinking a cron script, but wasn't sure if anything was out there currently.

Seimus · « **Reply #4 on:** June 27, 2024, 09:41:04 am »

If they want to do compliance on persistent base to scope network, just use some kind of tool.

For example you can use NetAlertX by jokob-sk or just plain old good arpscan.

https://github.com/jokob-sk/NetAlertX

I use it at home running as a docker container. Its basically a combination of several features such as arpscan and NMAP, than can scope out what was connected, disconnected on the network.

Regards,
S.

Author Topic: Track MAC Addresses (Read 606 times)

giffordj

Track MAC Addresses

Monviech (Cedrik)

Re: Track MAC Addresses

Seimus

Re: Track MAC Addresses

giffordj

Re: Track MAC Addresses

Seimus

Re: Track MAC Addresses