In the Usenet newsgroup comp.os.linux.networking, in article
>> Is there an IP utility for Linux that when used on a network can help
>> you figure out exactly where it's coming from? Also tell you the OS
>> version, so you can tell whether it's a printer or a Windows or Linux
Any O/S fingerprinting tool should be able to ID the system. Looking at
the Ethernet frame and grabbing the source MAC address will also give
Quote:> I mean like in a building. So we can help find out where things are
> instead of searching each and every single computer.
No - for that you'd need more efforts. If the individual computer
has no firewall running, and the user is doing network activities, such
as checking mail, you can often get a Username that way. In the old days
before we had to start securing systems against abuse, fingering the
unknown computer, or telnet/rsh/rlogin in, and running the 'w' or 'who'
command told most of what was needed.
Today, we don't allow a computer onto the net until we have full inventory
data, which includes username, location, property tag and serial numbers,
MAC Address, hostname, and cost center. Networking knows which port on
which switch is located in which room, and we can often have a network
admin and the security personnel at an unregistered computer before it
finishes booting - certainly within five minutes max.
If you don't have a list with such details, your best bet might be to
come in to the office tomorrow (Saturday) and "walk the halls" looking
at every single computer you find. Then, follow up by requiring those
details on every new computer brought into the facility, even if it's
only coming in for a presentation by some vendor. We're an R&D facility,
and corporate management has signed off on this policy. There are also
large signs at every entrance warning that un-authorized computers WILL
be confiscated. Employees are aware of policy, and have signed copies on
file. Visitors are required to read and sign a similar document before
being granted entry. BE SURE TO GET WRITTEN MANAGEMENT APPROVAL before
you implement this.