Print

Print


Thank You for all your help on this ..

 

Unfortunately, only 1 of our switches is managed (and probably not very well !)

 

Look@Lan is a pretty neat and FAST program .. much easier/lightweight than Tenable Nessus .. It couldn’t identify the machine as windows or Macintosh.

 

OK – I have made the MAC address a reservation in DHCP, and changed the default gateway for that reservation to 127.0.0.1 which should short circuit the Internet connection..

 

Now I will wait for the call.

 

BC

 


From: School Information Technology Discussion [mailto:[log in to unmask]] On Behalf Of Stephen Barner
Sent: February 19, 2008 1:24 PM
To: [log in to unmask]
Subject: Re: Tracking down rogue computer

 

If you are using managed switches, check to see which one the device is plugged into and you should be able to get into the general area. If you've got an accurate cable map, you should be able to follow the wire from the appropriate telecommunications outlet right to it. If you don't have a cable map, perhaps it's time for a student project.

 

--Steve Barner, South Burlington

 


From: School Information Technology Discussion [mailto:[log in to unmask]] On Behalf Of Bill Clark
Sent: Tuesday, February 19, 2008 11:23 AM
To: [log in to unmask]
Subject: Tracking down rogue computer

 

Greetings:

 

There is a computer on the network whose name is simply “WORK” , and it does not belong. If folks need to use a non-school laptop or computer, it comes to me first.

 

It has been there for many days. I see it in the Wins info, and DHCP. Call me a control freak, but I want to catch this person.

 

Is there a way to block traffic from this one device ? Can I use some kind of sniffer to see what type of traffic is coming from this machine ? Maybe it is a rogue access point …

 

Thx,

 

Bill Clark

Austine School for the Deaf

 

 

 


______________________________________________________________ ______________________________________________________________
This email may contain information protected under the Family Educational Rights and Privacy Act (FERPA) or the Health Insurance Portability and Accountability Act (HIPAA). If this email contains confidential and/or privileged health or student information and you are not entitled to access such information under FERPA or HIPAA, federal regulations require that you destroy this email without reviewing it and you may not forward it to anyone.
--
This message has been scanned for viruses and
dangerous content by MailScanner ,ClamAV and Bitdefender, and is
believed to be clean.


______________________________________________________________ ______________________________________________________________
This email may contain information protected under the Family Educational Rights and Privacy Act (FERPA) or the Health Insurance Portability and Accountability Act (HIPAA). If this email contains confidential and/or privileged health or student information and you are not entitled to access such information under FERPA or HIPAA, federal regulations require that you destroy this email without reviewing it and you may not forward it to anyone.
--
This message has been scanned for viruses and
dangerous content by MailScanner ,ClamAV and Bitdefender, and is
believed to be clean.