I've taken some time and created a basic decoder as well as some rules for a Windows Server 2003 DHCP server. I've not yet had an opportunity to test but I plan to as early as tomorrow morning. Would anyone be interested in something like this?
I thought this might be useful for tracking which host/machine had which IP address at any given time. I currently use various open source solutions for network mapping (switch ports, routers, etc.) but I am in a m$ environment. I use m$ servers for DHCP and their logs rotate weekly. I needed a better way to prove which machines had which IP addresses at any given time. Disclaimer: I'm a n00b with this project. I've been using it in a lab environment on and off for the past year or so to see what I might be able to do with it. I think it's an awesome project with a lot of potential. phishphreek
