Hey, Yes, that sounds very interesting. Please share with us :) If you need any help, just ask.
Thanks, -- Daniel B. Cid dcid ( at ) ossec.net On Tue, Mar 17, 2009 at 12:23 AM, <[email protected]> wrote: > > I've taken some time and created a basic decoder as well as some rules > for a Windows Server 2003 DHCP server. I've not yet had an opportunity > to test but I plan to as early as tomorrow morning. Would anyone be > interested in something like this? > > I thought this might be useful for tracking which host/machine had > which IP address at any given time. I currently use various open > source solutions for network mapping (switch ports, routers, etc.) but > I am in a m$ environment. I use m$ servers for DHCP and their logs > rotate weekly. I needed a better way to prove which machines had which > IP addresses at any given time. > > Disclaimer: I'm a n00b with this project. I've been using it in a lab > environment on and off for the past year or so to see what I might be > able to do with it. I think it's an awesome project with a lot of > potential. > > phishphreek >
