-
May 9th, 2005, 08:50 PM
#21
Originally posted here by AngelicKnight
So, mystery solved! Turns out it's a laptop that belongs to one of our employees. He changed the name of his machine to that weird name above, thus throwing me off all morning long. All it took was kicking that MAC off the AP for me to get the "I lost my connection!" phone call.
So the question that remains is why does he have "gnutella p2p networking" loaded on his laptop? Do you allow P2P apps. on your company systems?
Cheers:
-
May 9th, 2005, 08:52 PM
#22
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.
-
May 9th, 2005, 08:53 PM
#23
Originally posted here by AngelicKnight
That laptop that the MAC belongs to is turned off, sitting safely in a cabinet right now.
Thats the part that confuses me. Was that laptop indeed off at the time your were querying it?
-
May 9th, 2005, 09:11 PM
#24
Doesn't need P2P. P2P should go away methinks.
Thats the part that confuses me. Was that laptop indeed off at the time your were querying it?
Sorry 'bout that, look back a few posts up where I was talking about the new firmware jumbling up the correlation of MAC addresses and system names...that's the culprit for that. I'm now going back in and fixing it all.
-
May 9th, 2005, 09:16 PM
#25
Hmmm, I user who changes his PC name, and has open p2p ports. He/She would now be on my official "****" list.
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.
-
May 9th, 2005, 09:21 PM
#26
He kinda has a habit on staying on everyone's list actually...
-
May 9th, 2005, 09:30 PM
#27
Can anyone add machines to your network???
Change the name??
Usually that is restricted...even in w2k??
MLF
How people treat you is their karma- how you react is yours-Wayne Dyer
-
May 9th, 2005, 09:35 PM
#28
I think he did more than change the name, if he was able to connect to your network and bypass your domain log in.
What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry
-
May 9th, 2005, 09:38 PM
#29
So... now that you've had this problem... its time to look into ways to prevent this from happening again.
REMOVE local admin rights from the users. Doesn't look like you have a domain... or they unjoined/formatted/reloaded their box. If you are on a domain... start using group policies. Restrict people from installing software, etc.
Firewalls: You must be allowing outbound traffic for that p2p app... you need to lock down your gateway's outgoing ports. Arrainge your hosts in groups of IP addresses and filter outgoing based on those groups. group1 only needs outbound 53, 80 and 443. group 2 needs 20,21,22,25,53,80 and 443. Etc.
You should have your wifi and wired clients on different subnets with a firewall between. This doesn't have to be expensive... an old PII or PIII with IPCOP loaded would fit nicely. And it'd provide you a lot more security (iptables, transparent proxy with filtering (dansguardian), etc.) and services than your standard AP. Only allow access from the wifi boxes to what they NEED. You can do this on an IP basis if you want to. If they only need access to the gateway and server x... restrict them from everything else.
WIFI: You don't HAVE to use VPN or a Radius server for authenticaion... but it is recommened for a corp network. Ditch WEP and implement WPA (with our without Radius).
I'm sure I'm leaving out a lot... but I'm in a hurry. Time to take my last final!
Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
-
May 9th, 2005, 09:38 PM
#30
I configured his laptop to access the network. In fact, he purchased that laptop for use at home and here, letting us totally get rid of the desktop that was in that office. However, that certainly wasn't the name I gave the system, so that's what he changed.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|