Re: Possible Security Leak
From: andy smart (anonymus_at_discussions.microsoft.com)
Date: 02/18/05
- Next message: Mark Stonestreet: "Re: security log anomolies"
- Previous message: Mick: "Hotfixes"
- In reply to: Snoopy: "Possible Security Leak"
- Next in thread: Steven L Umbach: "Re: Possible Security Leak"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 18 Feb 2005 13:08:43 +0000
Snoopy wrote:
> Dear Pros,
>
> I always get warning message from my DHCP server services and tell me that
> the available IP is running low, I actually get this meesage from event log.
> But after I check my DHCP leasing details I can always found at leat 8 to 10
> un-identify PC, and the computer name which never exist in my company, with
> the the identit information RAS? Is this meaning someone is connecting my
> server from remote by RAS metho? If this answer is yes, how should I get the
> connecting info? My company did not implement the VPN also we do not allow
> user to connect to server after working hour (only normal mail services
> available). So could this meaning someone is connecting to my server which
> possible from the outsider?
>
> We do have the problem with the previous IS employee, but he left our
> company for a long time, the reason for me to said that is because he was
> never stop to attact the company from time to time, by virus or mail bomb,
> and always address himself as internal IS Dept. head. I caugh him few
> times......................
>
> So can please any one tell me how to invesgate this situation and how to
> close possible the security leak hole.
>
> Appreicate for the help in advance.
>
> Snoopy
I've had this on one PC which had an internal modem (it wasn't ever
plugged into the phone line) - DHCP seemed to be allocating an address
for this even though it wasn't actually being used. It was the only way
in which this machine was any different to all the others - but it was
clear which machine it was so the situation isn't totally similar to yours.
- Next message: Mark Stonestreet: "Re: security log anomolies"
- Previous message: Mick: "Hotfixes"
- In reply to: Snoopy: "Possible Security Leak"
- Next in thread: Steven L Umbach: "Re: Possible Security Leak"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
