Re: rogue IP address

["Benjamin A. Okopnik" <ben () callahans org>]

On Thu, May 01, 2003 at 01:18:34PM -0700, Chris Berry wrote:
> > From: <dondon () pacbell net>
> > Someone on our network assigned an IP address to their own system without
> > my knowledge.  Using LANguard network scanner, the best I can tell is that
> > it's a Linux box.  The port-to-IP mapping table on our Asante switch
> > doesn't see to work correctly.
> >
> > Any suggestions on tracing down that system that is associated with the IP
> > is appreciated!
>
> Assign that IP to another box and wait to see who calls in for tech support 
> because of the conflict.

A sysadmin I know used a Windows box on her all-Linux network for just
that purpose; seems that Windows is *a lot* more contentious when
fighting for a specific IP than Linux is. Mr. "oh, is that what those
numbers I changed mean?" User showed up at her door within minutes.


Ben Okopnik
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Never attribute to malloc that which can be adequately explained by
stupidity.
 -- Joerg Pommnitz

---------------------------------------------------------------------------
FastTrain has your solution for a great CISSP Boot Camp. The industry's most 
recognized corporate security certification track, provides a comprehensive 
prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case 
studies and true hands-on utilization 
of pertinent security tools. For a limited time you can enter for a chance 
to win one of the latest technological innovations, the SEGWAY HT. 
Log onto http://www.securityfocus.com/FastTrain-security-basics 
----------------------------------------------------------------------------