Security Basics mailing list archives
FW: Identifying a computer
From: "Alex Pimperton" <Alex () MAGDALENSTREET CO UK>
Date: Wed, 3 Dec 2003 23:30:53 -0000
The only thing I can think of, assuming you aren't running layer 3 or managed switches, is blocking the IP from accessing the net and see who complains... You could also run a traffic sniffer such as ethereal on your linux server, and see if any incriminating evidence shows up (machine name etc) Unless this local LAN is someplace like a university or public access LAN, I suggest that you implement an acceptable internet use policy. This will be much more effective in the long run than chasing up people who consume to much bandwidth. Thanks Alex
-----Original Message----- From: Cheetah [mailto:cheetahx () online no] Sent: 03 December 2003 15:38 To: security-basics () securityfocus com Subject: Identifying a computer Hello. I am helping the sysadmin on my local LAN to manage the network, etc. We have limited internet-bandwidth, and therefore it is necessary to
make
sure no-one is taking to much of the bandwidth, as others will not be able to use
the
internet connection. For the last 2 days, a new IP has appeared, and it is constantly using
a
lot of bandwidth. We have a linux-server running DHCP, DNS and the internet-connection.
I
have checked the dhcpd.leases file, but the IP isn't there. I have also tried to ping
and
scan this IP, but the computer is running a strong firewall, shows no open ports and doesn't even
respond
to pings. Is there any way I can get some information out of this computer
without
running around and asking everyone what their IP is? Tore
------------------------------------------------------------------------ --
-
------------------------------------------------------------------------ --
--
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: Identifying a computer Mike (Dec 03)
- Re: Identifying a computer Paul Kurczaba (Dec 04)
- <Possible follow-ups>
- RE: Identifying a computer McGill, Lachlan (Dec 04)
- Re: Identifying a computer Jimi Thompson (Dec 08)
- FW: Identifying a computer Alex Pimperton (Dec 04)
- RE: Identifying a computer Batkin, Seva (Dec 04)
- RE: Identifying a computer Shawn Jackson (Dec 04)
- Re: Identifying a computer gregh (Dec 04)
- RE: Identifying a computer JAVIER OTERO (Dec 04)
- RE: Identifying a computer Dean Davis (Dec 08)