Home page logo
/

basics logo Security Basics mailing list archives

FW: Identifying a computer
From: "Alex Pimperton" <Alex () MAGDALENSTREET CO UK>
Date: Wed, 3 Dec 2003 23:30:53 -0000

The only thing I can think of, assuming you aren't running layer 3 or
managed switches, is blocking the IP from accessing the net and see who
complains...

You could also run a traffic sniffer such as ethereal on your linux
server, and see if any incriminating evidence shows up (machine name
etc)

Unless this local LAN is someplace like a university or public access
LAN, I suggest that you implement an acceptable internet use policy.
This will be much more effective in the long run than chasing up people
who consume to much bandwidth.

Thanks

Alex

-----Original Message-----
From: Cheetah [mailto:cheetahx () online no]
Sent: 03 December 2003 15:38
To: security-basics () securityfocus com
Subject: Identifying a computer

Hello.

I am helping the sysadmin on my local LAN to manage the network, etc.
We have limited internet-bandwidth, and therefore it is necessary to
make
sure no-one
is taking to much of the bandwidth, as others will not be able to use
the
internet connection.

For the last 2 days, a new IP has appeared, and it is constantly using
a
lot
of bandwidth.
We have a linux-server running DHCP, DNS and the internet-connection.
I
have
checked the
dhcpd.leases file, but the IP isn't there. I have also tried to ping
and
scan this IP, but the computer
is running a strong firewall, shows no open ports and doesn't even
respond
to pings.

Is there any way I can get some information out of this computer
without
running around
and asking everyone what their IP is?

Tore




------------------------------------------------------------------------
--
-

------------------------------------------------------------------------
--
--




---------------------------------------------------------------------------
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]