• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 535
  • Last Modified:

Any logs to identify someone on trusted network copying files from another computer?

For the past 2 days, I've been trying to get my network talking to two computers - one a desktop and the other a laptop both Vista Ultimate.  Now that I got it working I find out that my D-link wireless router was reset and that the wireless was on and unprotected.  That's when I discovered all my personal files were available to be shared and download by anyone in the neighborhood.  

Is there a way to look at a log to see if those files were copied over to their machine or even see who connected into the D-link router (DGL-4500)?  I currently also have McAfee Internet Security and was wondering if there was a way to check log files there?

My d-link log has the following.  Am I to conclude that another machine would not be able to connect to the router without WARN log item?  If so, then all I've got to figure out what computers are 000048614A68 and 001E8CD31B3D are?  E2250 is my desktop and LM140SPL is the laptop.

[WARN] Sat Jan 31 23:55:47 2004 A network computer (000048614A68) was assigned the IP address of 192.168.0.199.
[WARN] Sat Jan 31 23:55:47 2004 A network computer (001E8CD31B3D) was assigned the IP address of 192.168.0.198.
[WARN] Sat Jan 31 23:55:47 2004 A network computer (E2250) was assigned the IP address of 192.168.0.198.
[WARN] Sun Feb 01 13:26:15 2004 A network computer (LM140SPL) was assigned the IP address of 192.168.0.197.
[WARN] Sun Feb 01 14:26:37 2004 A network computer (E2250) was assigned the IP address of 192.168.0.198.
[WARN] Sun Feb 01 15:02:09 2004 A network computer (E2250) was assigned the IP address of 192.168.0.198.
[WARN] Sun Feb 01 15:14:49 2004 A network computer (LM140SPL) was assigned the IP address of 192.168.0.197.
[WARN] Sun Feb 01 15:27:48 2004 A network computer (LM140SPL) was assigned the IP address of 192.168.0.191.
[WARN] Sun Feb 01 15:30:51 2004 Above message repeated 1 times
[WARN] Sun Feb 01 15:36:52 2004 A network computer (LM140SPL) was assigned the IP address of 192.168.0.197.
[WARN] Sun Feb 01 15:47:40 2004 A network computer (LM140SPL) was assigned the IP address of 192.168.0.195.
[WARN] Sun Feb 01 15:53:37 2004 A network computer (LM140SPL) was assigned the IP address of 192.168.0.197.
0
stephenlecomptejr
Asked:
stephenlecomptejr
  • 2
  • 2
1 Solution
 
rbeckerditeCommented:
Without audit logging enabled i don't believe there is.  THe only information you would see with audit logging would be the account used to authenticate and if it is valid it will not provide any information to you because it would be one of your accounts. Your network device may have some small trivial information but having a firewall on your computer with strong passwords is the only thing that would prevent this scenario. You should search on "Defense in Depth"  as just depending on your wireless encryption is not likely to be safe  without taking further measures.  Make sure and reset the password on your wireless device as well as reseting the encryption key. Also use WPA2 when you setup your wireless.  
0
 
stephenlecomptejrAuthor Commented:
Where do I establish audit logging?  wireless routing?  mcafee?  admin tools?
0
 
johnb6767Commented:
In the DLink, se if there is an option for DHCP client table. Might list A PCName/MAc address that doesnt belong to your 2 PC's.....

Chances of this being a problem i would not think is high. Yea, you were exposed to the web/neighbors, but if you have strong passwords on your profile, then you should be ok.
0
 
stephenlecomptejrAuthor Commented:
Thank you very much.
0
 
johnb6767Commented:
Your welcome!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now