Admin hint.
#1
Admin hint for the day. Keep a list of mac addresses for the network interfaces., Reason I say this is that people will invariably want to use their own equipment on your network i .e. using your bandwidth among other things. Usually if you only use a standard type of network interface, you can go to the dhcp server and see the nonstandard nic mac address stick out like a sore thumb allowing you to pursue the matter further. If there are no oddball mac addresses, you can also compare all network connects against the existing database. If a nic mac address does not match, your off to investigate. You could exclude the non-standard interfaces, but on a public network that is not always practical.
If something nefarious was definitely going on, we would shut down the port at the switch. But then they would know you are on to them. Takes judgment.
#2
Admin hint for the day. Keep a list of mac addresses for the network interfaces., Reason I say this is that people will invariably want to use their own equipment on your network i .e. using your bandwidth among other things. Usually if you only use a standard type of network interface, you can go to the dhcp server and see the nonstandard nic mac address stick out like a sore thumb allowing you to pursue the matter further. If there are no oddball mac addresses, you can also compare all network connects against the existing database. If a nic mac address does not match, your off to investigate. You could exclude the non-standard interfaces, but on a public network that is not always practical.
If something nefarious was definitely going on, we would shut down the port at the switch. But then they would know you are on to them. Takes judgment.
#2
Have
seen several articles about ow MSAdmins are balking about having to use
the command line. It amuses me quite a bit. Not so long ago a company
called Sysinternals (since bought by Microsoft) came out with a set of
commands called pstools, psexec, and etc, At that particular time., I
was working for a company that had a campus of several square miles.
During the summer, doing sneaker support. could be a real challenge.
With the Sysinternals software,you could add, remove, and change
software all from one point without running around during bad weather
days, plus it saved a lot of time.
Eventually the company I worked for eventually acquired gui based software that did pretty much the same thing but was godly expensive and tremendously not foolproof, The Issues may have been resolved by now, but I have not kept up with it. Left my employer not long after that.
It is interesting now that M$ is using that kind of command line methodology with their new servers. This makes sense because you can script aka make batch files to not only automate many tasks but easily document exactly what is done. Easily repeatable and easily do it remotely. You can then take those files and easily edit them for other tasks. You can not really do that with the mouse aka gui environment
Eventually the company I worked for eventually acquired gui based software that did pretty much the same thing but was godly expensive and tremendously not foolproof, The Issues may have been resolved by now, but I have not kept up with it. Left my employer not long after that.
It is interesting now that M$ is using that kind of command line methodology with their new servers. This makes sense because you can script aka make batch files to not only automate many tasks but easily document exactly what is done. Easily repeatable and easily do it remotely. You can then take those files and easily edit them for other tasks. You can not really do that with the mouse aka gui environment
Comments
Post a Comment