I'm asking the best
How would you go about hiding a workstation (WS) on a coorperate network?
Every WS has a assigned name, automatic IP, is authenticated through the server on log on. How could you hide it so it still is able to authenticate itself, get all the updates, function normaly except it is invisable to anybody else on the network. Nobody can Ping it connect C$ to it or anything?
And to turn the question around, what would you look at as IT tech to find out what is hiding it?
yes you may ask.
I work as Deskside support in a remote area, some of the clients are 2.5 hours driving time one way and it is really annoying when you have to drive that far to do an install that could have been done remotely.
So I'm trying to figure out what the clients did to the laptop that makes them invisable to the rest of the network. They might have done this on purpose or unknowingly by installing something that isnt approved.
could be anything...a common one i see often is that the problem client stops receiving the GPO responsible for disabling the Windows Firewall. once the firewall is back on, you can't RDP to it or PING it by default, which breaks all remote assistance. correcting the GP or manually disabling the firewall does the trick.
other than that, it really depends on how your domain is set up, what rights the user has (if they are local admins then it is a free-for-all), etc.
Couldnt you just add an exception to windows firewall for RDP instead of disabling the firewall all together? I see this all the time with p2p software, it says to disable the firewall but usually upon first use windows prompts you for an exception or not so why just disable it?
we disable it on the internal network...it serves no purpose in a corporate environment. at home on my junk desktop, i use it w/ exceptions so i can vnc to it, etc...but in a locked down corporate scenario, the firewall only causes problems. there are so many levels of filtering, AV, etc going on that a software firewall on each desktop is not a benefit.
