Charles Beierle

Beacon Profiler

Discussion created by Charles Beierle on Oct 22, 2010

The Beacon Profiler is a device that, fed with the right information, can help inventory systems on your network and identify rogue devices. I have attached my first attempt at a functional xml and correlation rule for detecting unknown devices. This is not exhaustive in terms of messages but it will give anyone with a profiler a starting point. Please post up if you have improvements or comments.

Attachments

Outcomes