I agree with Chris, lock those dudes down with group policy, and if you do have DHCP, or if it's large enough to worry about, you can lock that down with DHCP by Reservations. It's a little more overhead to administer DHCP, but it keeps these users from bringing in their home computers and connecting up. The other solution I can think of is NAC with the switches, but I don't know if you have the right equipment or time for that.
SlimJim's idea is good too though if it is a small environment. I can't remember, but I think Cain will run through and grab all of the MAC addresses for you though, but then so will a lot of other tools.
Is there some kind of web content proxy with AV or something in place or that can be implemented that you're looking at rolling? I'm guessing and hoping that the mail piece is already there, and in somewhat decent shape.
Nice work and keep us informed. I'm either having a brainstorm or brainfart, I'm not sure which yet, but I'm enjoying the post, and getting frustrated with these guys at the same time. I can set up a lab if you need someone to help test ideas though.
I feel you on the company you were talking about. I had one similar that was cross-platform 'nix, NT4, and Mac with everything (including workstations) on public IP addresses behind a commercial ISDN line... Yeah, not fun.
Keep up the good work guys.
Last edited by psychorugger on Fri Dec 15, 2006 9:39 am, edited 1 time in total.
IAM, IEM, RWSP, CPTS