Print

Print


Thank You for all your help on this .. 

 

Unfortunately, only 1 of our switches is managed (and probably not very well
!)

 

Look@Lan is a pretty neat and FAST program .. much easier/lightweight than
Tenable Nessus .. It couldn't identify the machine as windows or Macintosh.

 

OK - I have made the MAC address a reservation in DHCP, and changed the
default gateway for that reservation to 127.0.0.1 which should short circuit
the Internet connection..

 

Now I will wait for the call.

 

BC

 

  _____  

From: School Information Technology Discussion
[mailto:[log in to unmask]] On Behalf Of Stephen Barner
Sent: February 19, 2008 1:24 PM
To: [log in to unmask]
Subject: Re: Tracking down rogue computer

 

If you are using managed switches, check to see which one the device is
plugged into and you should be able to get into the general area. If you've
got an accurate cable map, you should be able to follow the wire from the
appropriate telecommunications outlet right to it. If you don't have a cable
map, perhaps it's time for a student project.

 

--Steve Barner, South Burlington

 

  _____  

From: School Information Technology Discussion
[mailto:[log in to unmask]] On Behalf Of Bill Clark
Sent: Tuesday, February 19, 2008 11:23 AM
To: [log in to unmask]
Subject: Tracking down rogue computer

 

Greetings:

 

There is a computer on the network whose name is simply "WORK" , and it does
not belong. If folks need to use a non-school laptop or computer, it comes
to me first.

 

It has been there for many days. I see it in the Wins info, and DHCP. Call
me a control freak, but I want to catch this person.

 

Is there a way to block traffic from this one device ? Can I use some kind
of sniffer to see what type of traffic is coming from this machine ? Maybe
it is a rogue access point .

 

Thx,

 

Bill Clark

Austine School for the Deaf

 

 

 


______________________________________________________________
______________________________________________________________ 
This email may contain information protected under the Family Educational
Rights and Privacy Act (FERPA) or the Health Insurance Portability and
Accountability Act (HIPAA). If this email contains confidential and/or
privileged health or student information and you are not entitled to access
such information under FERPA or HIPAA, federal regulations require that you
destroy this email without reviewing it and you may not forward it to
anyone. 
-- 
This message has been scanned for viruses and 
dangerous content by  <http://www.mailscanner.info/> MailScanner ,
<http://www.clamav.net/> ClamAV and  <http://www.bitdefender.com/>
Bitdefender, and is 
believed to be clean. 


______________________________________________________________
______________________________________________________________ 
This email may contain information protected under the Family Educational
Rights and Privacy Act (FERPA) or the Health Insurance Portability and
Accountability Act (HIPAA). If this email contains confidential and/or
privileged health or student information and you are not entitled to access
such information under FERPA or HIPAA, federal regulations require that you
destroy this email without reviewing it and you may not forward it to
anyone. 
-- 
This message has been scanned for viruses and 
dangerous content by  <http://www.mailscanner.info/> MailScanner ,
<http://www.clamav.net/> ClamAV and  <http://www.bitdefender.com/>
Bitdefender, and is 
believed to be clean.