Re: Looking for maybe impossible script?

From: bing (rfulgoni_at_comcast.net)
Date: 06/07/04


Date: Sun, 6 Jun 2004 20:44:48 -0400


    Thanks everyone for your replies. The admin rights on the laptops were
the only thing I could forsee as the main issue. I was hopping a dream
script would would be able to at least check against the domain or MAC of
the machine an tell the dhcp server to not assign an ip no matter what. I
know there is so much more to this then my knoweldge of scripts goes. I
would love to see whats going on with our IDS but policy wont permit me to.
Lord only knows what the person running it is doing. I barly see them in the
office. Anyway I will keep looking for a fix. Tends to make me miss the
static days. Heck! Even if i could get a script that would notify me of such
an event, at least that way I can instantly contact the remote site an
inform the local IMO to go an remove the machine. At the current time I'm
catching them roughly 3 or 4 hours after there on (some days its worse cause
I just dont have the time. I just spent the last two weeks re-imaging 200
boxes that need to be deployed state wide by end of june.Would be nice to
have a hardware department.) Once I discover them I'm taking a quick band
aide fix and tracing them down to the port an then shuting it off. Bad thing
is they just move to another part of the building an plug back in. Such a
pain in the A** an surly not a safe way to do business. I agree the
nightmares are only going to get worse. There are days I wish such bad
things will happen in order to make the pencil pushers an number crunchers
take knowtice. All they can think about is the bottom line. When my boss
explains to them how much they can lose if they dont create a company wide
policy an enforce it, they just don't think it will happen. Funny thing, I
have this feeling when something does happen I will be the 1st to get the
axe. Once again thanks for all your help and input guys. Bing
"Martin CLAVREUIL"
<-dropthis-martin.clavreuil_dropthis_@wanadoo._drop-this_fr> wrote in
message news:O4CX18BTEHA.1048@tk2msftngp13.phx.gbl...
> hi,
>
> what about an intrusion detection system on the proxy lan wire ?
>
>
> "bing" <rfulgoni@comcast.net> a écrit dans le message de
> news:uvTA9H1SEHA.3476@tk2msftngp13.phx.gbl...
> > I'm looking for a script that will run on a network that checks if the
> > computer is in a workgroup. If its not (I'm just shooting for the stars
> > here) but if it's not it would remove the dhcp address an assign a
> 127.0.01
> > loopback to the machine. We dont have AD running yet, and to be honest
we
> > are so short handed we dont have time to build a ACL or run port
security.
> > We are trying to discourage users at remote sites from pluging in there
> > personal laptops to surf the net. Any help would be great. Thanks
> >
> >
>
>