Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

how to track tcp/ ip change in window xp

Posted on 2009-05-13
5
Medium Priority
?
311 Views
Last Modified: 2012-05-06
sir,

one user use my static ip. we identify them. he change the ip to private ip. we go to event viewer to track the ip change in system event viewer. but he also delete the event viewer item also. Now how can i found when ip change. pls tell us

thanks

0
Comment
Question by:Manojtanwar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 19

Assisted Solution

by:PeteJThomas
PeteJThomas earned 360 total points
ID: 24373523
Sorry but I know of no way to do this at all.

I don't even think there is an event logged when you change IP addresses in the first place?
0
 
LVL 6

Accepted Solution

by:
MikeGGG earned 1080 total points
ID: 24373571
You can write a small script which should constantly (for example once in a minute or in ahour)  resolve the DNS/Netbios name of his PC to IP, and compare with a previous lookup result. When it changed - its up to you to set up a trigger. For example - an email or so.
0
 
LVL 6

Assisted Solution

by:MikeGGG
MikeGGG earned 1080 total points
ID: 24373612
or, much better, remove him from local admins group. I just cannot imagine that  users will change their IPs or delete event logs and the administrator must tolerate it.
0
 
LVL 19

Assisted Solution

by:PeteJThomas
PeteJThomas earned 360 total points
ID: 24373711
==> or, much better, remove him from local admins group. I just cannot imagine that  users will change their IPs or delete event logs and the administrator must tolerate it. <==

Agreed!!

I may have misunderstood the question, I was assuming you meant you need to know when it was last changed rather than how to audit this change moving forward... O.o

Pete
0
 
LVL 7

Assisted Solution

by:sfarazmand
sfarazmand earned 60 total points
ID: 24374545
And to add, any alteration of company equipment to include computers is normally in violation of security training or documents the user signed.  If the user is consistently in the wrong, those policies can be used to terminate (make unemployed, not...well...you know) them.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question