There are many great OUI lookup websites out there, but one of the first that pops up in a Google search is the one from Wireshark. In fact, if you have seen a MAC address before, you have seen the OUI! The OUI is the first three octets of a MAC address.įor instance, the MAC address that starts with 74:e6:e2 is a Dell MAC address. You might wonder, what is an OUI anyway? The OUI is known as the Organizationally Unique Identifier that is the 24-bit number that uniquely identifies a vendor or manufacturer of a certain piece of hardware.
If you have several Arpwatch probes out on your network, using Ansible is a great way to automate this process of updating the OUI tables. Let’s take a look at how to Use Ansible to Update OUI tables in Arpwatch. One of the housekeeping tasks that need to be done with Arpwatch however is maintaining updates on the OUI tables. I have written a few posts on how to get up and running fairly quickly with the solution, including email alerts. It is a great tool overall that I highly recommend running in a lightweight Linux VM on the network. It can help to uncover not only network issues that may exist, but also potential security events unfolding or machines being on a segment of the network they should not be on. As most of you are aware, I have written a few posts about Arpwatch and the great value it provides in a network for visibility.
0 kommentar(er)
