Home page logo

basics logo Security Basics mailing list archives

Re: rogue IP address
From: "Benjamin A. Okopnik" <ben () callahans org>
Date: Fri, 2 May 2003 14:13:38 -0400

On Thu, May 01, 2003 at 01:18:34PM -0700, Chris Berry wrote:
From: <dondon () pacbell net>
Someone on our network assigned an IP address to their own system without
my knowledge.  Using LANguard network scanner, the best I can tell is that
it's a Linux box.  The port-to-IP mapping table on our Asante switch
doesn't see to work correctly.

Any suggestions on tracing down that system that is associated with the IP
is appreciated!

Assign that IP to another box and wait to see who calls in for tech support 
because of the conflict.

A sysadmin I know used a Windows box on her all-Linux network for just
that purpose; seems that Windows is *a lot* more contentious when
fighting for a specific IP than Linux is. Mr. "oh, is that what those
numbers I changed mean?" User showed up at her door within minutes.

Ben Okopnik
Never attribute to malloc that which can be adequately explained by
 -- Joerg Pommnitz

FastTrain has your solution for a great CISSP Boot Camp. The industry's most 
recognized corporate security certification track, provides a comprehensive 
prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case 
studies and true hands-on utilization 
of pertinent security tools. For a limited time you can enter for a chance 
to win one of the latest technological innovations, the SEGWAY HT. 
Log onto http://www.securityfocus.com/FastTrain-security-basics 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]