how to find hacker

chfgao — Sun, 10 Mar 2019 14:33:37 GMT

Some one modified his workstation' MAC and rebooted his machine.Then he again modified his machine's MAC to original one after he intruded into my computer. My IDS recorded his ip and MAC. How to find which house the hacker's computer was? After the hacker has disconnected,can I find which port of switch his machine used to connect?

Re: how to find hacker

lwierenga — Mon, 10 Nov 2003 03:20:08 GMT

You will have to give more information on the situation, because it sounds like this is community housing or a dorm? Here is the problem, if the attacker that compromised your system is good enough to get in, then he probably wouldn't be using his IP address, as opposed to spoofing this address. If you have his MAC address then you can compare this address with the addresses in arp table of the switch. Use the sh arp command. If this answers your question, then please close and rate. Thanks

topic Re: how to find hacker in Network Access Control

how to find hacker

Re: how to find hacker