Security Basics mailing list archives

RE: Physical Computer Location


From: "David Sommers" <dsommers () dialogmedical com>
Date: Thu, 28 Aug 2003 13:18:46 -0400

You could write a network script that lists computers and the currently
logged-in user.  Have a mapping of the "actual" list and match it against
the output of a script run weekly.

        http://www.mvps.org/vbnet/code/network/netwkstauserenum.htm

        
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&threadm=3d106432%240%
2414585%24d40e179e%40nntp01.dk.telia.net&rnum=1&prev=/groups%3Fhl%3Den%2
6lr%3D%26ie%3DISO-8859-1%26q%3DIf%2BLoggedOn%2B%253D%2B%2522%2522%2Bthen
        
        http://dbforums.com/arch/196/2002/7/428004


And you can use simple scripts (below) to pull in the list of users and
computers

        http://dbforums.com/arch/196/2002/12/586536

Anyone not logged into the correct machine will easily be found by a
simple comparison program or even fc.

David Sommers.


-----Original Message-----
From: Christopher Black [mailto:cblack () cc3 com] 
Sent: Thursday, August 28, 2003 12:48 PM
To: Zachary Mutrux; security-basics () securityfocus com
Subject: RE: Physical Computer Location

A costly solution would be to use a dynamic mapping utility such as the
4 port Ethernet jack by 3Com.  The jack will map the network and
dynamically change the map as PCs move.

Christopher Black
CC3 Network Engineer
cblack () cc3 com
215-672-6900 x8179


-----Original Message-----
From: Zachary Mutrux [mailto:zmutrux () compumentor org] 
Sent: Thursday, August 28, 2003 12:22 PM
To: security-basics () securityfocus com
Subject: RE: Physical Computer Location


You can deal with it in a couple of ways.

1) Roll your eyes, alter the inventory to reflect the new computer's
location.

2) Examine your equipment replacement policy to replace computers not based
on age, but on who would benefit the company the most by having a new
computer, based on improved productivity from a faster machine, for example.
Maybe the doctor needs a new machine more than the secretary.

3) Disallow users other than the assigned user to log on to the computer.
Or, just disallow the doctor from logging on to his secretary's machine. In
dark and forbidding tones, forbid the secretary from revealing her password
to the doctor. It doesn't do the doctor much good to move the computer if he
can't log on. You can accomplish this in the local security policy on the
computer if it is running Windows 2000 or XP. You might even be able to do
it for whole groups of computers using Group Policy in Windows 2000 domains.
If anyone complains about this, tell them you are applying the policy
because of HIPAA regulations.

Since you have more computers than users, obviously some users may need to
log on to more than one machine. So proceed cautiously with this policy.

4) Talk to your supervisor about the problem and see if he can talk to the
doctor's supervisor about the problem. This probably will be ineffectual.

That's all I can think of right now.

Yours,

Zac

--
Zac Mutrux
Technology Consultant
CompuMentor
415-633-9437



On Mon, 25 Aug 2003, Thomas Graf wrote:

Hello everyone!

I am a newbie trying to make some in-roads in the network security
department.  I work at a hospital with approximately 1000 users but
about 3000 computers.  We are currently rolling out new computers and
are having problems after they are installed.  For example, we replace
the secretary's computer but the doctor is fussing because he is not
getting a new one.  So, he being the powerful doctor will swap the new
one with his old one.  We then have the wrong location listed on the
information database for that computer.  We try to correct the situation
as much as we can but this being a huge hospital, it gets very hard.
So, what can we do to keep track of any physical movements of the
computer over the network?  Any suggestions are acceptable.  We just
can't lock down the computers because of all the movements in
departments because of construction.

Thomas Graf
IS Hardware/Software Tech
(254)724-0155
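
The comparison David Sommers describes at the top of this thread, sketched as an added example that is not part of any poster's message. The machine names, user names and CSV layouts are constructed; the scan file stands in for whatever the logged-on-user enumeration script writes each week. Unlike a plain fc diff, it allows several assigned users per machine and treats a machine with nobody logged on as its own case.

```python
import csv
import io

# Constructed inventory (not from the thread): machine -> assigned users, ';'-separated.
INVENTORY_CSV = """computer,assigned_users
WS-CARD-014,jdoe
WS-CARD-015,asmith;jdoe
WS-RAD-002,mlee
WS-RAD-003,bkhan
"""
# Constructed weekly scan output: machine -> user logged on at scan time (blank = nobody).
SCAN_CSV = """computer,logged_on
ws-card-014,ASMITH
WS-CARD-015,asmith
WS-RAD-002,
WS-LAB-101,mlee
"""

def load(text, value_field):
    """Return {COMPUTER: set(users)}, upper-cased because Windows names are case-insensitive."""
    table = {}
    for row in csv.DictReader(io.StringIO(text)):
        users = {u.strip().upper() for u in row[value_field].split(";") if u.strip()}
        table.setdefault(row["computer"].strip().upper(), set()).update(users)
    return table

def compare(inventory, scan):
    """List (computer, status, users) for every machine whose scan result needs a look."""
    findings = []
    for computer in sorted(set(inventory) | set(scan)):
        if computer not in inventory:
            findings.append((computer, "UNKNOWN_MACHINE", sorted(scan[computer])))
        elif computer not in scan:
            findings.append((computer, "NOT_SEEN", []))   # powered off, renamed or moved off-net
        elif not scan[computer]:
            findings.append((computer, "NO_USER", []))    # reachable, nobody logged on
        else:
            strangers = scan[computer] - inventory[computer]
            if strangers:
                findings.append((computer, "UNEXPECTED_USER", sorted(strangers)))
    return findings

def run_sample():
    return compare(load(INVENTORY_CSV, "assigned_users"), load(SCAN_CSV, "logged_on"))

if __name__ == "__main__":
    for computer, status, users in run_sample():
        print(f"{computer:12} {status:16} {','.join(users)}")
```

An UNEXPECTED_USER row is only a lead to check against the inventory, since a single scan records whoever happened to be logged on at that moment.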


---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training),
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier
technical IT security event.  Modeled after the famous Black Hat event in
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
Symantec is the Diamond sponsor.  Early-bird registration ends September 6.
Visit us: www.blackhat.com
---------------------------------------------------------------------------


