Stopping someone accessing local network by physically cut / splicing into structured cabling

Question

When visiting another company i recently saw a setup where a company had 2 offices one on the 3rd floor and one on the 5th floor in the same block.

To link the 2 offices (i guess so that they where on one LAN) they had run a bunch of cat cable some in concealed risers, but some of the cable run was discreetly surface mounted.

Is this a security issue ? Would it be as simple as someone cutting the cable, putting rj45 ends on each end of the cut and placing them into a 5 port switch. Then connecting a laptop to one of the other ports on the switch to gain access to the network.

What can be done in the system / router config to prevent this ? Can the local network be encrypted on the router ?

(Other than making sure all structured cabling is properly concealed, but even then someone can cut through a 2mm thick piece of aluminium trunking.)

score 0 · Answer 1 · answered Oct 03 '16 at 10:29

The router can register MAC address of connected clients and reject connection by all other clients.

To make management easier, you can setup the trunk to have only two routers connected, and you will need to only explicitly allow the connection between the two routers instead of updating the MAC list every time a new device is connected.

Stopping someone accessing local network by physically cut / splicing into structured cabling

1 Answers1