Rogue PCs on the network

By admin ·
Can anyone tell me how to prevent rogue PCs from gaining access to the internet and file sharing on my network?

This conversation is currently closed to new comments.

8 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Secure your network

by robo_dev In reply to Rogue PCs on the network

Enable mac-address restrictions in ethernet edge switches.

Disable DHCP and assign static IP addresses (not really a deterrent for most people).

Disable unused ethernet jacks.

Implement NAC (network access control) from Cisco and/or Microsoft.

Install security cameras, armed guards, create a policy to forbid it, etc.

Collapse -


by Dr Dij In reply to Secure your network

use a proxy for internet access - all internet access goes thru one of your servers rather than directly to internet.

it is childs play to fake a mac address, that said, very few 'regular people' are likely to do it, other than industrial spies, criminals set on stealing your info, rogue admins, competitors in disguise...

plus someone should check logs regularly

Collapse -


by OH Smeg In reply to and

Remove all Wireless access points to the Network.

If you absolutely must have WiFi Access use WPA2 security.


Collapse -


by wesley.chin In reply to Rogue PCs on the network

I am confused. Where are the rogue PCs? Are the rogue PCs random or on the intranet? What is the OS?

If the rogue PCs are intranet, allow no exceptions in the Windows Firewall (if Windows is the OS). If not intranet, get a good hardware firewall.

Collapse -

clarify: Do you mean wired or wireless?

by robo_dev In reply to Rogue PCs on the network

And do you mean physical access or logical access?

I assume that you meant wired-physical access, but you know what happens when you assume....

Collapse -

Yes, wired.

by admin In reply to clarify: Do you mean wire ...

Thanks for all the replies so far. I guess I need to be more specific. It's a wired LAN and I'm running Win2003 R2 in a school environment. Users must join the domain to use file or print services, but Internet Access it still open. Is there something in Active Directory that will allow me to restrict access to only those PCs in an specific OU?

Collapse -

ways to control access

by JohnBHeller In reply to Rogue PCs on the network


Sounds like you could use a proxy server. Microsoft and several other companies make them. The homepage for the microsoft proxy product now called ISA server is

There are many others on the market too. I have used one called Proxy plus that was very good.

Running a network with students invloved is a contant challenge. They are always expoiting any weaknesses that you leave open. Unfortunately there are a lot of resources and information that they can find via a search of the internet.

For a proxy server to be sucessful, you will need to restict access to the router on the common ports such as port 80. Redict incoming packets to the proxy server so that they can't just type in the direct routers ip address to bypass the proxy. Put in an ACL to the router so that only certain hosts can communicate with it. If possible, connect the router directly to the proxy server on a seperate ethernet card, so that they is no direct access to the router. This depends on what other site access you allow ie staff being able to VPN in from home.

With ISA server you can set up access rules based on usernames and groups to restirct or stop internet access. Of course the server also logs web sites visited and allows you the ban sites too. It caches websites, and speeds up access to commonly accessed pages too.

I'd imagine that there are some good forum sites devoted to IT managers based in schools where you can swap hints and horror stories.

I personally know the IT manangers of two local highschools, so i can probably put you in touch with them if you need more specific information.

Back to Networks Forum
8 total posts (Page 1 of 1)  

Related Discussions

Related Forums