We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now

x

Any logs to identify someone on trusted network copying files from another computer?

Medium Priority
543 Views
Last Modified: 2013-11-30
For the past 2 days, I've been trying to get my network talking to two computers - one a desktop and the other a laptop both Vista Ultimate.  Now that I got it working I find out that my D-link wireless router was reset and that the wireless was on and unprotected.  That's when I discovered all my personal files were available to be shared and download by anyone in the neighborhood.  

Is there a way to look at a log to see if those files were copied over to their machine or even see who connected into the D-link router (DGL-4500)?  I currently also have McAfee Internet Security and was wondering if there was a way to check log files there?

My d-link log has the following.  Am I to conclude that another machine would not be able to connect to the router without WARN log item?  If so, then all I've got to figure out what computers are 000048614A68 and 001E8CD31B3D are?  E2250 is my desktop and LM140SPL is the laptop.

[WARN] Sat Jan 31 23:55:47 2004 A network computer (000048614A68) was assigned the IP address of 192.168.0.199.
[WARN] Sat Jan 31 23:55:47 2004 A network computer (001E8CD31B3D) was assigned the IP address of 192.168.0.198.
[WARN] Sat Jan 31 23:55:47 2004 A network computer (E2250) was assigned the IP address of 192.168.0.198.
[WARN] Sun Feb 01 13:26:15 2004 A network computer (LM140SPL) was assigned the IP address of 192.168.0.197.
[WARN] Sun Feb 01 14:26:37 2004 A network computer (E2250) was assigned the IP address of 192.168.0.198.
[WARN] Sun Feb 01 15:02:09 2004 A network computer (E2250) was assigned the IP address of 192.168.0.198.
[WARN] Sun Feb 01 15:14:49 2004 A network computer (LM140SPL) was assigned the IP address of 192.168.0.197.
[WARN] Sun Feb 01 15:27:48 2004 A network computer (LM140SPL) was assigned the IP address of 192.168.0.191.
[WARN] Sun Feb 01 15:30:51 2004 Above message repeated 1 times
[WARN] Sun Feb 01 15:36:52 2004 A network computer (LM140SPL) was assigned the IP address of 192.168.0.197.
[WARN] Sun Feb 01 15:47:40 2004 A network computer (LM140SPL) was assigned the IP address of 192.168.0.195.
[WARN] Sun Feb 01 15:53:37 2004 A network computer (LM140SPL) was assigned the IP address of 192.168.0.197.
Comment
Watch Question

Without audit logging enabled i don't believe there is.  THe only information you would see with audit logging would be the account used to authenticate and if it is valid it will not provide any information to you because it would be one of your accounts. Your network device may have some small trivial information but having a firewall on your computer with strong passwords is the only thing that would prevent this scenario. You should search on "Defense in Depth"  as just depending on your wireless encryption is not likely to be safe  without taking further measures.  Make sure and reset the password on your wireless device as well as reseting the encryption key. Also use WPA2 when you setup your wireless.  

Author

Commented:
Where do I establish audit logging?  wireless routing?  mcafee?  admin tools?
CERTIFIED EXPERT
Most Valuable Expert 2011
Top Expert 2011
Commented:
In the DLink, se if there is an option for DHCP client table. Might list A PCName/MAc address that doesnt belong to your 2 PC's.....

Chances of this being a problem i would not think is high. Yea, you were exposed to the web/neighbors, but if you have strong passwords on your profile, then you should be ok.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
Thank you very much.
CERTIFIED EXPERT
Most Valuable Expert 2011
Top Expert 2011

Commented:
Your welcome!
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.