Security Basics mailing list archives
RE: rogue IP address
From: "Wilcox, Stephen" <StephenWilcox () universalcomputersys com>
Date: Fri, 2 May 2003 10:34:03 -0500
Try to RRAP the ip address. You will get the mac address of the box. MAC-to-PC-to-Hostname then find who the pc belongs to. That's one way. The other could be to traceroute the ip address and you should get hostname response back unless it have been disabled. This feature is on by default. Hope this helps -----Original Message----- From: dondon () pacbell net [mailto:dondon () pacbell net] Sent: Wednesday, April 30, 2003 5:40 PM To: security-basics () securityfocus com Subject: rogue IP address Someone on our network assigned an IP address to their own system without my knowledge. Using LANguard network scanner, the best I can tell is that it's a Linux box. The port-to-IP mapping table on our Asante switch doesn't see to work correctly. Any suggestions on tracing down that system that is associated with the IP is appreciated! Andy --------------------------------------------------------------------------- FastTrain has your solution for a great CISSP Boot Camp. The industry's most recognized corporate security certification track, provides a comprehensive prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case studies and true hands-on utilization of pertinent security tools. For a limited time you can enter for a chance to win one of the latest technological innovations, the SEGWAY HT. Log onto http://www.securityfocus.com/FastTrain-security-basics ---------------------------------------------------------------------------- ---------------------------------------- The information transmitted in this message is intended only for the person or entity to whom it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy any copies of this document. --------------------------------------------------------------------------- FastTrain has your solution for a great CISSP Boot Camp. The industry's most recognized corporate security certification track, provides a comprehensive prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case studies and true hands-on utilization of pertinent security tools. For a limited time you can enter for a chance to win one of the latest technological innovations, the SEGWAY HT. Log onto http://www.securityfocus.com/FastTrain-security-basics ----------------------------------------------------------------------------
Current thread:
- Re: rogue IP address, (continued)
- Re: rogue IP address Dave (May 02)
- Re: rogue IP address Duston Sickler (May 02)
- Re: rogue IP address Jeff Harris (May 05)
- Re: rogue IP address Jason Burroughs (May 07)
- Re: rogue IP address Duston Sickler (May 02)
- Re: rogue IP address Richard Caley (May 02)
- RE: rogue IP address Burton M. Strauss III (May 02)
- RE: rogue IP address Jose Guevarra (May 02)
- Re: rogue IP address Dave (May 02)
- RE: rogue IP address David Gillett (May 02)
- RE: rogue IP address Anthony (May 05)
- RE: rogue IP address Wilcox, Stephen (May 02)
- Re: rogue IP address Chris Berry (May 02)
- RE: rogue IP address Jose Guevarra (May 02)
- Re: rogue IP address Benjamin A. Okopnik (May 05)
- Re: Rogue IP Address Alaric Darconville (May 02)
- RE: Rogue IP Address Jimmy Sansi (May 05)
- RE: Rogue IP Address Jose Guevarra (May 05)
- RE: rogue IP address Fields, James (May 05)
- RE: rogue IP address Chris Berry (May 05)
- Re: rogue IP address Erik ! (May 06)
- RE: rogue IP address Burton M. Strauss III (May 07)
(Thread continues...)
- Re: rogue IP address Dave (May 02)