RE: rogue IP address

• Previous message: Hiroaki Kondo: "Re: Free Active Directory Tool"
• In reply to: dondon_at_pacbell.net: "rogue IP address"
• Next in thread: Erik !: "Re: rogue IP address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <dondon@pacbell.net>, <security-basics@securityfocus.com>
Date: Sun, 4 May 2003 21:09:47 +0200

Perhaps you can tryout the following,

1. NTOP (Get more details on what the specific host is doing
2. Use simple nmap to get more details and perhaps use Nessus to
disable/scan the host.

Anthony

-----Oorspronkelijk bericht-----
Van: dondon@pacbell.net [mailto:dondon@pacbell.net]
Verzonden: donderdag 1 mei 2003 0:40
Aan: security-basics@securityfocus.com
Onderwerp: rogue IP address

Someone on our network assigned an IP address to their own system without
my knowledge. Using LANguard network scanner, the best I can tell is that
it's a Linux box. The port-to-IP mapping table on our Asante switch
doesn't see to work correctly.

Any suggestions on tracing down that system that is associated with the IP
is appreciated!

Andy

---------------------------------------------------------------------------
FastTrain has your solution for a great CISSP Boot Camp. The industry's most
recognized corporate security certification track, provides a comprehensive
prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case studies and true hands-on utilization
of pertinent security tools. For a limited time you can enter for a chance
to win one of the latest technological innovations, the SEGWAY HT.
Log onto http://www.securityfocus.com/FastTrain-security-basics
----------------------------------------------------------------------------

• Previous message: Hiroaki Kondo: "Re: Free Active Directory Tool"
• In reply to: dondon_at_pacbell.net: "rogue IP address"
• Next in thread: Erik !: "Re: rogue IP address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]