Security Basics mailing list archives
RE: Physical Computer Location
From: "David Sommers" <dsommers () dialogmedical com>
Date: Thu, 28 Aug 2003 13:18:46 -0400
You could write a network script that lists computers and the currently logged in user. Have a mapping of the "actual" list and match it to a weekly ran script. http://www.mvps.org/vbnet/code/network/netwkstauserenum.htm http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&threadm=3d106432%240% 2414585%24d40e179e%40nntp01.dk.telia.net&rnum=1&prev=/groups%3Fhl%3Den%2 6lr%3D%26ie%3DISO-8859-1%26q%3DIf%2BLoggedOn%2B%253D%2B%2522%2522%2Bthen http://dbforums.com/arch/196/2002/7/428004 And you can use simple scripts (below) to pull in the list of users and computers http://dbforums.com/arch/196/2002/12/586536 Anyone not logged into the correct machine will easily be found by a simple comparison program or even fc. David Sommers. -----Original Message----- From: Christopher Black [mailto:cblack () cc3 com] Sent: Thursday, August 28, 2003 12:48 PM To: Zachary Mutrux; security-basics () securityfocus com Subject: RE: Physical Computer Location A costly solution would be to use a dynamic mapping utility such as the 4 port Ethernet jack by 3com. The jack will map the network and dynamically change the map as PC's move. Christopher Black CC3 Network Engineer cblack () cc3 com 215-672-6900 x8179
-----Original Message----- From: Zachary Mutrux [mailto:zmutrux () compumentor org] Sent: Thursday, August 28, 2003 12:22 PM To: security-basics () securityfocus com Subject: RE: Physical Computer Location You can deal with it in a couple of ways. 1) Roll your eyes, alter the inventory to reflect the new computer's location. 2) Examine your equipment replacement policy to replace computers not based on age, but on who would benefit the company the most by having a new computer, based on improved productivity from a faster machine, for example. Maybe the doctor needs a new machine more than the secretary. 3) Disallow users other than the assigned user to log on to the computer. Or, just disallow the doctor from logging on to his secretary's machine. In dark and forbidding tones, forbid the secretary from revealing her password to the doctor. It doesn't do the doctor much good to move the computer if he can't log on. You can accomplish this in the local security policy on the computer if it is running Windows 2000 or XP. You might even be able to do it for whole groups of computers using Group Policy in Windows 2000 domains. If anyone complains about this, tell them you are applying the policy because of HIPAA regulations. Since you have more computers than users, obviously some users may need to log on to more than one machine. So proceed cautiously with this policy. 4) Talk to your supervisor about the problem and see if he can talk to the doctor's supervisor about the problem. This probably will be ineffectual. That's all I can think of right now. Yours, Zac -- Zac Mutrux Technology Consultant CompuMentor 415-633-9437 On Mon, 25 Aug 2003, Thomas Graf wrote:Hello everyone! I am a newbie trying to make some in-roads in the network security department. I work at a hospital with approximately 1000 users but about 3000 computers. We are currently rolling out newcomputers andare having problems after they are installed. For example,we replacethe secretary's computer but the doctor is fussing because he is not getting a new one. So, he being the powerful doctor willswap the newone with his old one. We then have the wrong location listed on the information database for that computer. We try to correctthe situationas much as we can but this being a huge hospital, it gets very hard. So, what can we do to keep track of any physical movements of the computer over the network? Any suggestions are acceptable. We just can't lock down the computers because of all the movements in departments because of construction. Thomas Graf IS Hardware/Software Tech (254)724-0155-------------------------------------------------------------- ------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com -------------------------------------------------------------- --------------
------------------------------------------------------------------------ --- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ----------------------------------------------------------------------------
Current thread:
- Physical Computer Location Thomas Graf (Aug 25)
- Re: Physical Computer Location John R. Morris (Aug 26)
- RE: Physical Computer Location Jason Chung-Tung (Aug 26)
- RE: Physical Computer Location Zachary Mutrux (Aug 28)
- RE: Physical Computer Location Kevin Ashurst (Aug 26)
- Re: Physical Computer Location Pete Hunt (Aug 26)
- Re: Physical Computer Location Charley Hamilton (Aug 26)
- <Possible follow-ups>
- RE: Physical Computer Location Tim Donahue (Aug 26)
- RE: Physical Computer Location Christopher Black (Aug 28)
- RE: Physical Computer Location David Sommers (Aug 28)
- Re: Physical Computer Location John R. Morris (Aug 26)