Spanning tree should be enabled by default unless you have disabled the protocol; you should also disable any unused ports that are not being used (This will somwhat stop mischief); there are other mechanisms (Layer 2 attacks) you should consider (CDP, Mac Spoofing, Root Guard, Broadcast suppression, etc). There are many tools available that can bring down a network. Do you have a network diagram? Do you have STP disabled?
Billy
