Re: detect intruders with WMI
From: [MS] Scott McNairy (scotmc@online.microsoft.com)
Date: 12/17/02
- Next message: Daniel Pravat [MSFT]: "Re: detect intruders with WMI"
- Previous message: ChadP: "Smart Cards"
- In reply to: A. Tolga KILINĒ: "detect intruders with WMI"
- Next in thread: Daniel Pravat [MSFT]: "Re: detect intruders with WMI"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "[MS] Scott McNairy" <scotmc@online.microsoft.com> Date: Tue, 17 Dec 2002 10:10:25 -0800
I don't know if this will help you out or not but WMI returns macAddress
properties within the Win32_NetworkAdapter and the
win32_NetworkAdapterConfiguration classes in the root\cimv2 namespace. I
don't know how you would go about determining if a MAC address is spoofed or
not, but if you have a way to determine this we might be able to come up
with a way to detect it by using WMI...
-- [MS] Scott McNairy WMI Test Engineer This posting is provided "As Is" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at http://www.microsoft.com/info/cpyright.htm "A. Tolga KILINĒ" <kilinc@tis.havelsan.com.tr> wrote in message news:Ow30NRepCHA.2384@TK2MSFTNGP09... > Hi, > How can I use WMI scripting to detect internal intruder machines in > LAN/domain? Can I utilize WMI scripts or other techniques to detect spoofed > MAC addresses...etc? > Regards, > Tolga > >
- Next message: Daniel Pravat [MSFT]: "Re: detect intruders with WMI"
- Previous message: ChadP: "Smart Cards"
- In reply to: A. Tolga KILINĒ: "detect intruders with WMI"
- Next in thread: Daniel Pravat [MSFT]: "Re: detect intruders with WMI"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
