Hi! > > We need to know who had which ip when connected to AP to backtrack > > activities on net. > > Try Arpwatch: http://www.securityfocus.com/tools/142 > > In some case if the user doesn't use dhcp, arpwatch is a useful tool > to map ip address to mac address so it is easier to backtrack activities > on the net. > > Ralf Paffrath
Well. Yes. Thanx for info. We are running the arpwatch all the time, but actualy arpwatch only collects changes, new machines and so on. We also collect the arp tables from switches and routers. But still I need to match the data, that if there is some 'intrussion' I need to now that from time x to time y who was logged at ap and with witch IP. But thanx a lot. We can handle this. I was only currious if there is some other option to have the IP's controlled that are assigned to the clients. For example the radius can send an information to dhcp server, that a client with mac should have some ip and so on... P.Zibrita - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
