Windows NT 4.0 RAS Logs.

Good Afternoon,

I have a user logging on to our VPN server, and he's having difficulties
that I'd like to go over with him. I believe he is running either a
Netmeeting or PcAnywhere host on his machine at home, and I'd like to
get his IP without having him have to search for it.

I would imagine that once a user logs on to the VPN server a log is kept
with their IP on it.

Anyone know where..

The event viewer just says that user xxxx logged on/off at x:00


Thanks.

Luke MacNeil.

Luke MacNeil

Luke MacNeil <> wrote in news:AlAKb.764633
$Fm2.731395@attbi_s04:

>
> I would imagine that once a user logs on to the VPN server a log is kept
> with their IP on it.
>
> Anyone know where..
>
> The event viewer just says that user xxxx logged on/off at x:00
>
>
> Thanks.
>
> Luke MacNeil.
>

i am not sure if NT automatically logs or whether you actualy have to go in
there and enable logging/auditing? you might want to post this on
msnews.pulic ng's.


--
Rowdy Yates
MCSE, Security+, Linux+
I am Against-TCPA
http://www.againsttcpa.com

Rowdy Yates

Rowdy Yates wrote:
> Luke MacNeil <> wrote in news:AlAKb.764633
> $Fm2.731395@attbi_s04:
>
>
>>I would imagine that once a user logs on to the VPN server a log is kept
>>with their IP on it.
>>
>>Anyone know where..
>>
>>The event viewer just says that user xxxx logged on/off at x:00
>>
>>
>>Thanks.
>>
>>Luke MacNeil.
>>
>
>
> i am not sure if NT automatically logs or whether you actualy have to go in
> there and enable logging/auditing? you might want to post this on
> msnews.pulic ng's.
>
>

Thanks for the reply!

Luke MacNeil

Luke MacNeil <> wrote in
news:d0VKb.757822$HS4.5986379@attbi_s01:

> Rowdy Yates wrote:
>> Luke MacNeil <> wrote in news:AlAKb.764633
>> $Fm2.731395@attbi_s04:
>>
>>
>>>I would imagine that once a user logs on to the VPN server a log is
>>>kept with their IP on it.
>>>
>>>Anyone know where..
>>>
>>>The event viewer just says that user xxxx logged on/off at x:00
>>>
>>>
>>>Thanks.
>>>
>>>Luke MacNeil.
>>>
>>
>>
>> i am not sure if NT automatically logs or whether you actualy have to
>> go in there and enable logging/auditing? you might want to post this
>> on msnews.pulic ng's.
>>
>>
>
> Thanks for the reply!
>

no prob. sorry i can't be of more help. i havent touched an NT system in
yrs.



--
Rowdy Yates
MCSE, Security+, Linux+
I am Against-TCPA
http://www.againsttcpa.com

Rowdy Yates

Rowdy Yates wrote:
> Luke MacNeil <> wrote in
> news:d0VKb.757822$HS4.5986379@attbi_s01:
>
>
>>Rowdy Yates wrote:
>>
>>>Luke MacNeil <> wrote in news:AlAKb.764633
>>>$Fm2.731395@attbi_s04:
>>>
>>>
>>>
>>>>I would imagine that once a user logs on to the VPN server a log is
>>>>kept with their IP on it.
>>>>
>>>>Anyone know where..
>>>>
>>>>The event viewer just says that user xxxx logged on/off at x:00
>>>>
>>>>
>>>>Thanks.
>>>>
>>>>Luke MacNeil.
>>>>
>>>
>>>
>>>i am not sure if NT automatically logs or whether you actualy have to
>>>go in there and enable logging/auditing? you might want to post this
>>>on msnews.pulic ng's.
>>>
>>>
>>
>>Thanks for the reply!
>>
>
>
> no prob. sorry i can't be of more help. i havent touched an NT system in
> yrs.
>
>
>
Lucky you,

Trying to make me jealous?
I'm actually setting up my debian box here at work.. If it were my
choice, we'd be switching over now.. But I notice you have your
Security+ .. is that certification worth anything or is it just another
step toward MCSE?

I'm taking night classes now for A+,Net+,Linux+, MCSE.. Theres another
certification after that too... A security one.. CNPP maybe, or
something like that.. I forget.

What steps would be necissary to secure this debian box enough no to
open more security holes than we already have?

Luke.

Luke MacNeil

Luke MacNeil <> wrote in
news:HUzLb.6582$5V2.10863@attbi_s53:

> Rowdy Yates wrote:
>> Luke MacNeil <> wrote in
>> news:d0VKb.757822$HS4.5986379@attbi_s01:
>>
>>
>>>Rowdy Yates wrote:
>>>
>>>>Luke MacNeil <> wrote in news:AlAKb.764633
>>>>$Fm2.731395@attbi_s04:
>>>>
>>>>
>>>>
>>>>>I would imagine that once a user logs on to the VPN server a log is
>>>>>kept with their IP on it.
>>>>>
>>>>>Anyone know where..
>>>>>
>>>>>The event viewer just says that user xxxx logged on/off at x:00
>>>>>
>>>>>
>>>>>Thanks.
>>>>>
>>>>>Luke MacNeil.
>>>>>
>>>>
>>>>
>>>>i am not sure if NT automatically logs or whether you actualy have
>>>>to go in there and enable logging/auditing? you might want to post
>>>>this on msnews.pulic ng's.
>>>>
>>>>
>>>
>>>Thanks for the reply!
>>>
>>
>>
>> no prob. sorry i can't be of more help. i havent touched an NT system
>> in yrs.
>>
>>
>>
> Lucky you,
>
> Trying to make me jealous?
> I'm actually setting up my debian box here at work.. If it were my
> choice, we'd be switching over now.. But I notice you have your
> Security+ .. is that certification worth anything or is it just
> another step toward MCSE?
>
> I'm taking night classes now for A+,Net+,Linux+, MCSE.. Theres another
> certification after that too... A security one.. CNPP maybe, or
> something like that.. I forget.
>
> What steps would be necissary to secure this debian box enough no to
> open more security holes than we already have?
>
> Luke.
>

hi there. you are going to want to post this on a *nix.security ng. both
unix & linux should be fine. my *nix skills & knowledge are too basic to
give any advice of any use on security debian boxes.

re: sec+, it's an entry level cert in the security field. the study
materials gives you an nice introdiction into CBK security domain
concepts. i did MS ISA for my elective, so it wasn't towards my MCSE.

--
Rowdy Yates
MCSE, Security+, Linux+
I am Against-TCPA
http://www.againsttcpa.com

Rowdy Yates